CVE-2019-7609 is a code injection vulnerability impacting Elastic Kibana versions before 5.6.15 and 6.6.1. An exploit was observed in open source and a link to an exploit was shared in the underground. Additionally, a walk-through demo of an exploit that was shared via YouTube.
PoC Links(if available):
GitHub commit exploit –
Known Counter Measures:
Elastic addressed the vulnerability in Kibana versions 5.6.15 and 6.6.1.
Links to patches(if available)