H3-2022-0025
Unauthenticated Access to Kibana
Category: SECURITY_MISCONFIGURATION
Base Score: 5.0
Description
Elasticsearch treats a request as anonymous when no authentication token can be extracted from it. By default, anonymous requests are rejected and an authentication error is returned (status code 401). Anonymous access is enabled by assigning one or more roles to anonymous users in the elasticsearch.yml configuration file; Kibana, which authenticates against Elasticsearch, then serves those unauthenticated requests with whatever those roles permit.
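As an added example (not part of this advisory), the following Python script audits an elasticsearch.yml for the anonymous-access settings described above. It contains two constructed configurations, one that grants anonymous users a role and one that leaves the default 401 behaviour in place, and a small flat key/value parser (not a full YAML parser; block-style lists are not understood). The setting names xpack.security.authc.anonymous.roles, xpack.security.authc.anonymous.username and xpack.security.enabled are real X-Pack settings; the check does not assume a default value for xpack.security.enabled, so only an explicit false is flagged.

```python
"""Audit an elasticsearch.yml for anonymous-access settings (added example)."""

ANON_ROLES = "xpack.security.authc.anonymous.roles"  # setting the advisory refers to
SECURITY_ENABLED = "xpack.security.enabled"          # related X-Pack setting, added for completeness

# Constructed sample: anonymous users are granted a role, so requests without
# credentials are served instead of being rejected with 401.
WEAK_CONFIG = """\
cluster.name: demo
xpack.security.enabled: true
xpack.security.authc.anonymous.username: anonymous_user
xpack.security.authc.anonymous.roles: [kibana_admin]
"""

# Constructed sample: no anonymous roles, so the default applies and
# unauthenticated requests receive 401.
HARDENED_CONFIG = """\
cluster.name: demo
xpack.security.enabled: true
"""


def parse_flat_yaml(text):
    """Return {key: [values]} for flat `key: value` and `key: [a, b]` lines.

    Comments and blank lines are skipped; block-style (`- item`) lists are
    not supported, which is enough for the settings audited here.
    """
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line or ":" not in line:
            continue
        key, _, value = line.partition(":")
        value = value.strip()
        if value.startswith("[") and value.endswith("]"):
            items = [v.strip().strip("'\"") for v in value[1:-1].split(",")]
        else:
            items = [value.strip("'\"")]
        settings[key.strip()] = [v for v in items if v]
    return settings


def audit_anonymous_access(text):
    """Return a list of findings; an empty list means anonymous access is not configured."""
    settings = parse_flat_yaml(text)
    findings = []
    enabled = settings.get(SECURITY_ENABLED)
    if enabled and enabled[0].lower() == "false":
        findings.append("xpack.security.enabled is false: every request is unauthenticated")
    roles = settings.get(ANON_ROLES, [])
    if roles:
        findings.append("anonymous requests are granted roles: " + ", ".join(roles))
    return findings


if __name__ == "__main__":
    for name, cfg in (("weak", WEAK_CONFIG), ("hardened", HARDENED_CONFIG)):
        print(name, "->", audit_anonymous_access(cfg) or ["no anonymous access configured"])
```

Run the script against a copy of a cluster's elasticsearch.yml (the sample configs are only there so it runs offline); any finding means requests with no credentials will be authorised as the listed roles rather than rejected with 401.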
Impact
Depending on the permissions granted to anonymous users, an attacker could read, modify, or delete resources that would otherwise be inaccessible. The impact of this flaw varies with the services and resources reachable on the network.