CVE-2019-7609 – Elastic / Kibana – Code injection

Click the icon to Follow me:- twitterTelegramRedditDiscord


CVE-2019-7609 is a code injection vulnerability impacting Elastic Kibana versions before 5.6.15 and 6.6.1. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit that was shared via YouTube.

PoC Links(if available):

GitHub commit exploit –

Known Counter Measures:

Elastic addressed the vulnerability in Kibana versions 5.6.15 and 6.6.1.

Links to patches(if available)

Available for Amazon Prime