Kibana RCE via Timelion SSTI — requires authenticated access but Kibana deployments are often internet-exposed with default credentials. Apply patches immediately. Restrict Kibana access to VPN-only and audit Kibana admin accounts.
Kibana versions before 5.6.15 and 6.6.1 contain an arbitrary code execution flaw in the Timelion visualizer. An attacker with access to the Timelion application could send a request that will attempt to execute javascript code.
Exploit-DB.ai delivers real-time AI-triaged zero-day alerts directly to your inbox.
Activate Supernova →