Elastic Kibana
cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*
- <= 7.17.28
- >= 8.0.0, <= 8.17.7
- >= 8.18.0, <= 8.18.2
- >= 9.0.0, <= 9.0.2
A URL redirection vulnerability, known as 'Open Redirect', has been identified in Elastic Kibana. A specially crafted URL can redirect a user to an untrusted site, and the same flaw can potentially be leveraged for server-side request forgery (SSRF). The vulnerability affects Kibana versions through 7.17.28, 8.0.0 through 8.17.7, 8.18.0 through 8.18.2, and 9.0.0 through 9.0.2. It is present in Kibana installations that use Short URLs within the Discover, Dashboard, and Visualization Library features.
Exploitation of this vulnerability could result in unauthorized redirection of users to arbitrary sites and, combined with server-side request forgery, could allow attackers to make requests from the server's perspective.
Users can upgrade to Kibana versions 7.17.29, 8.17.8, 8.18.3, or 9.0.3. For those unable to upgrade, self-hosted installations with a Basic license should restrict access to Kibana features that allow Short URL creation. Cloud users can also limit access to these features.