Unauthenticated Kibana Dashboard Access — A Serious Security Risk You Can’t Ignore
Summary
Penetration tester and bug bounty hunter Pratik Dabhi reported a finding last year in which Kibana dashboards on a multinational company's infrastructure were reachable without any authentication.
Dabhi stresses the value of thorough reconnaissance before attempting to penetrate a system: it surfaces simple misconfigurations such as this one, which can have catastrophic consequences.
Dabhi describes using Shodan, the search engine for internet-connected devices, to hunt for unsecured Kibana dashboards with the query product:"Elastic Kibana", which turned up many exposed instances.
The severity is clear: a malicious actor who reaches an unauthenticated dashboard could alter configurations, delete data, inject malicious content, or use the Kibana instance as a pivot point into other vulnerable services on the company's internal network.
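A Shodan hit only tells you that a host runs Kibana, not whether it accepts requests without credentials, and the impact described above follows only when it does. The check below is an added example for this write-up (not Dabhi's tooling and not Kibana's own code) that closes that gap for hosts you are authorised to test: it requests Kibana's /api/status endpoint with no credentials and reports the instance as exposed only if the answer is Kibana's status JSON. It assumes Kibana's documented behaviour that the status API returns JSON carrying version.number and status.overall.state, and that with security enabled an unauthenticated API request gets a 401 (or a redirect to /login for browser-style requests). The hostnames and responses in SAMPLES are constructed, not real captures.

```python
"""Verify whether a Kibana instance answers its status API with no credentials.

Added example for this write-up; it is neither Dabhi's tooling nor Kibana's own
code. Assumptions: Kibana serves GET /api/status as JSON carrying
version.number and status.overall.state, and with security enabled answers an
unauthenticated API request with 401 (or a 302 to /login for browser-style
requests). Run it only against hosts you own or are authorised to test.
"""
import json
import urllib.error
import urllib.request
from dataclasses import dataclass
from typing import Dict, List, Optional


@dataclass
class KibanaCheck:
    url: str
    status_code: int
    exposed: bool            # True: status API readable without credentials
    version: Optional[str]   # Kibana version if the unauthenticated body showed it
    detail: str


def _header(headers: Dict[str, str], name: str) -> str:
    """Case-insensitive header lookup (servers vary in header casing)."""
    return next((v for k, v in headers.items() if k.lower() == name.lower()), "")


def classify(url: str, status_code: int, headers: Dict[str, str], body: str) -> KibanaCheck:
    """Turn a raw answer from /api/status into a verdict."""
    if status_code in (401, 403):
        return KibanaCheck(url, status_code, False, None, "authentication required")
    if 300 <= status_code < 400:
        loc = _header(headers, "Location")
        where = "login page" if "/login" in loc else (loc or "unknown target")
        return KibanaCheck(url, status_code, False, None, f"redirected to {where}")
    if status_code == 200:
        try:
            data = json.loads(body)
        except ValueError:
            data = None
        if not isinstance(data, dict):
            return KibanaCheck(url, status_code, False, None, "200 but not Kibana status JSON")
        version = (data.get("version") or {}).get("number")
        state = ((data.get("status") or {}).get("overall") or {}).get("state")
        if version is None and state is None:
            return KibanaCheck(url, status_code, False, None, "200 but not Kibana status JSON")
        return KibanaCheck(url, status_code, True, version,
                           f"status API readable without credentials (overall state: {state})")
    return KibanaCheck(url, status_code, False, None, f"unexpected HTTP {status_code}")


class _NoRedirect(urllib.request.HTTPRedirectHandler):
    """Stop urllib from following redirects so a 302 to /login stays visible."""
    def redirect_request(self, req, fp, code, msg, headers, newurl):
        return None


def probe(base_url: str, timeout: float = 5.0) -> KibanaCheck:
    """Request /api/status with no credentials and classify the answer."""
    opener = urllib.request.build_opener(_NoRedirect)
    req = urllib.request.Request(
        base_url.rstrip("/") + "/api/status",
        headers={"kbn-xsrf": "true", "Accept": "application/json"},
    )
    try:
        with opener.open(req, timeout=timeout) as resp:
            return classify(base_url, resp.status, dict(resp.headers.items()),
                            resp.read().decode("utf-8", "replace"))
    except urllib.error.HTTPError as err:
        # 3xx/4xx/5xx land here once redirects are not followed.
        return classify(base_url, err.code, dict(err.headers.items()),
                        err.read().decode("utf-8", "replace"))


# Constructed sample answers standing in for live hosts (not real captures).
SAMPLES = [
    ("https://kibana-open.example", 200, {"Content-Type": "application/json"},
     '{"name":"kibana","version":{"number":"7.9.2"},'
     '"status":{"overall":{"state":"green"}}}'),
    ("https://kibana-secured.example", 401, {"Content-Type": "application/json"},
     '{"statusCode":401,"error":"Unauthorized"}'),
    ("https://kibana-login.example", 302, {"location": "/login?next=%2Fapi%2Fstatus"}, ""),
    ("https://not-kibana.example", 200, {"Content-Type": "text/html"}, "<html>Welcome</html>"),
]


def run_samples() -> List[KibanaCheck]:
    """Classify the constructed samples; a dry run that needs no network."""
    return [classify(*sample) for sample in SAMPLES]


if __name__ == "__main__":
    import sys
    checks = [probe(u) for u in sys.argv[1:]] if len(sys.argv) > 1 else run_samples()
    for c in checks:
        print(f"{c.url}: {'EXPOSED' if c.exposed else 'ok'} "
              f"(HTTP {c.status_code}, version {c.version or '?'}) - {c.detail}")
```

Run it with one or more base URLs as arguments to probe live hosts, or with none to see the verdicts for the constructed samples. Only a 200 carrying Kibana's status JSON counts as exposed; a 401 or a redirect to the login page means the instance is at least demanding credentials, and a 200 that is not status JSON (a reverse proxy's landing page, for instance) is reported rather than assumed safe or open.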