ET WEB_SPECIFIC_APPS Kibana Attempted LFI Exploitation (CVE-2018-17246)

SID: 2026739Rev: 40 viewsHistory

Sourceet/open

CreatedDecember 19, 2018

UpdatedAugust 27, 2020

Classificationattempted-user

alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Kibana Attempted LFI Exploitation (CVE-2018-17246)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/api/console/api_server?sense_version="; depth:38; fast_pattern; content:"SENSE_VERSION&apis="; pcre:"/^(?:\.\.\/){2,}/R"; reference:url,www.bleepingcomputer.com/news/security/file-inclusion-bug-in-kibana-console-for-elasticsearch-gets-exploit-code/; classtype:attempted-user; sid:2026739; rev:4; metadata:attack_target Web_Server, created_at 2018_12_19, cve CVE_2018_17246, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2020_08_27;)

References

url	www.bleepingcomputer.com/news/security/file-inclusion-bug-in-kibana-console-for-elasticsearch-gets-exploit-code/

Metadata

attack targetWeb_Server

created at2018_12_19

cveCVE-2018-17246

deploymentPerimeter

performance impactLow

signature severityMajor

updated at2020_08_27

Comments (0)

Please sign in to leave a comment.

No comments yet. Be the first to comment!