ET WEB_SPECIFIC_APPS Kibana Attempted LFI Exploitation (CVE-2018-17246)

7.0.35.0SID: 2026739Rev: 5Enabled1 views
Sourceet/open
Fileemerging-web_specific_apps.rules
CreatedDecember 19, 2018
UpdatedApril 13, 2024
Classificationattempted-user
alert http any any -> $HOME_NET any (msg:"ET WEB_SPECIFIC_APPS Kibana Attempted LFI Exploitation (CVE-2018-17246)"; flow:established,to_server; http.method; content:"GET"; http.uri; content:"/api/console/api_server?sense_version="; startswith; fast_pattern; content:"SENSE_VERSION&apis="; pcre:"/^(?:\.\.\/){2,}/R"; reference:url,www.bleepingcomputer.com/news/security/file-inclusion-bug-in-kibana-console-for-elasticsearch-gets-exploit-code/; classtype:attempted-user; sid:2026739; rev:5; metadata:attack_target Web_Server, created_at 2018_12_19, cve CVE_2018_17246, deployment Perimeter, performance_impact Low, signature_severity Major, updated_at 2024_04_13;)

Metadata

attack targetWeb_Server
created at2018_12_19
deploymentPerimeter
performance impactLow
signature severityMajor
updated at2024_04_13

Comments (0)

Please sign in to leave a comment.
Sign in

No comments yet. Be the first to comment!