CVE-2019-13423 (GCVE-0-2019-13423)
Vulnerability from cvelistv5
Published
2019-08-23 13:30
Modified
2024-08-04 23:49
Severity ?
CWE
  • CWE-287 - Improper Authentication
Summary
Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time
References
Impacted products
Vendor Product Version
floragunn Search Guard Kibana Plugin Version: unspecified   < 5.6.8-7
Version: unspecified   < 6.x.y-12
 Create a notification for this product.
Show details on NVD website

To clipboard 

{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-04T23:49:24.978Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_MISC",
              "x_transferred"
            ],
            "url": "https://search-guard.com/cve-advisory/"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "Search Guard Kibana Plugin",
          "vendor": "floragunn",
          "versions": [
            {
              "lessThan": "5.6.8-7",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            },
            {
              "lessThan": "6.x.y-12",
              "status": "affected",
              "version": "unspecified",
              "versionType": "custom"
            }
          ]
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time"
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-287",
              "description": "CWE-287: Improper Authentication",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2019-08-23T13:30:26.000Z",
        "orgId": "9f311a02-c44f-4938-8530-9219246b8255",
        "shortName": "floragunn"
      },
      "references": [
        {
          "tags": [
            "x_refsource_MISC"
          ],
          "url": "https://search-guard.com/cve-advisory/"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "security@search-guard.com",
          "ID": "CVE-2019-13423",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "Search Guard Kibana Plugin",
                      "version": {
                        "version_data": [
                          {
                            "version_affected": "\u003c",
                            "version_value": "5.6.8-7"
                          },
                          {
                            "version_affected": "\u003c",
                            "version_value": "6.x.y-12"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "floragunn"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Search Guard Kibana Plugin versions before 5.6.8-7 and before 6.x.y-12 had an issue that an authenticated Kibana user could impersonate as kibanaserver user when providing wrong credentials when all of the following conditions a-c are true: a) Kibana is configured to use Single-Sign-On as authentication method, one of Kerberos, JWT, Proxy, Client certificate. b) The kibanaserver user is configured to use HTTP Basic as the authentication method. c) Search Guard is configured to use an SSO authentication domain and HTTP Basic at the same time"
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "CWE-287: Improper Authentication"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "https://search-guard.com/cve-advisory/",
              "refsource": "MISC",
              "url": "https://search-guard.com/cve-advisory/"
            },
            {
              "name": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12",
              "refsource": "CONFIRM",
              "url": "https://docs.search-guard.com/6.x-25/changelog-kibana-6.x-12"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "9f311a02-c44f-4938-8530-9219246b8255",
    "assignerShortName": "floragunn",
    "cveId": "CVE-2019-13423",
    "datePublished": "2019-08-23T13:30:26.000Z",
    "dateReserved": "2019-07-08T00:00:00.000Z",
    "dateUpdated": "2024-08-04T23:49:24.978Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1"
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.