Thousands Of Unprotected Kibana Instances: Elasticsearch Databases Exposed


The success of an organization is brought about by the data, but if left unprotected can lead to fuelling the cybercriminal’s malevolent intentions. The cybersecurity firms and media have lately revealed that the poorly protected databases like the MongoDB, Elasticsearch and CouchDB have recently got more attention. Over half of the known cases of the massive data breaches that have been carried out over the past year originated from the unsecured database servers that remained accessible to anyone without any password. As a matter of fact, the database of an organization contains the most crucial and easily exploitable data, the cybercriminals have also started to pay greater attention to detect the insecure entry points.

Kibana can be termed as an open-source analytics and as well as visualization platform that has been designed to work with Elasticsearch. The platform makes it easier for the data analysts to quickly and easily understand the complex and the big data streams and logs as well through the graphic representation. Kibana comes as a browser based interface that has been so designed to fetch data from the Elasticsearch databases in the real time and then perform the advanced data analysis to present it in a variety of charts, maps and tables. After installation, the default settings configure Kibana to run on the localhost at port 5601. But some interested administrators may choose to change the settings in order to make it remotely accessible anywhere from the internet.

As per the new report that is shared by an IT professional who aims to stay anonymous tweeted under the handle @InfoSecIta that there are over 26,000 Kibana instances that have currently been exposed on the internet and most of them are reportedly unprotected. This is because of the fact that Kibana does not come with any security like session management and Search Guard etc.


Please enter your comment!
Please enter your name here