Vulnerability Details : CVE-2019-13423
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue in which an authenticated Kibana user could impersonate the kibanaserver user by supplying wrong credentials. The impersonation is possible only when all of the following conditions a-c are true:
- a) Kibana is configured to use Single-Sign-On as the authentication method (one of Kerberos, JWT, Proxy, or Client certificate).
- b) The kibanaserver user is configured to use HTTP Basic as the authentication method.
- c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time.
Vulnerability category: Bypass, Gain privilege
Products affected by CVE-2019-13423
- Search-guard » Search Guard » For Kibana: versions from, including (>=), 6.1.0-8 and before (<) 6.2.3-12
  cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:kibana:*:*
- cpe:2.3:a:search-guard:search_guard:*:*:*:*:*:kibana:*:*
Exploit prediction scoring system (EPSS) score for CVE-2019-13423
- EPSS score: 0.10% (probability of exploitation activity in the next 30 days)
- EPSS percentile: ~42% (proportion of vulnerabilities that are scored at or below this value)
CVSS scores for CVE-2019-13423
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen
---|---|---|---|---|---|---
6.5 | MEDIUM | AV:N/AC:L/Au:S/C:P/I:P/A:P | 8.0 | 6.4 | NIST | 
8.8 | HIGH | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H | 2.8 | 5.9 | NIST | 
CWE ids for CVE-2019-13423
- When an actor claims to have a given identity, the product does not prove or insufficiently proves that the claim is correct. Assigned by: security@search-guard.com (Secondary)
References for CVE-2019-13423
- https://search-guard.com/cve-advisory/ (CVE advisory, Search Guard; Vendor Advisory)
- https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12 (Kibana 6.x-12 changelog, Elasticsearch Security, Search Guard; Vendor Advisory)