Pwning an outdated Kibana with not so sad vulnerabilities

During a recent engagement, we came across an old outdated instance of the Kibana software. It was affected by two severe public vulnerabilities:

  • CVE-2018-17246
  • CVE-2019-7609

However, in the context, none of them was readily exploitable. In this article, we describe how we managed to takeover the software all the same, with a new exploitation technique.