CVE-2025-37736Incorrect Authorization in Cloud Enterprise

CWE-863Incorrect Authorization3 documents3 sources
Severity
8.8HIGHNVD
EPSS
0.1%
top 84.76%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
1
Elastic Cloud Enterprise
Timeline
PublishedNov 7
Latest updateNov 8

Description

Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be allowed. The list of APIs that are affected by this issue is: post:/platform/configuration/security/service-accounts delete:/platform/configuration/security/service-accounts/{user_id} patch:/platform/configuration/security/service-accounts/{user_id} post:/platform/configuration/security/service-accounts/{user_id}/keys delete:/platform/configurati

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 2.8 | Impact: 5.9

Affected Packages2 packages

NVDelastic/elastic_cloud_enterprise3.8.03.8.3+1
CVEListV5elastic/elastic_cloud_enterprise3.8.03.8.2+1

🔴Vulnerability Details

2
GHSA
GHSA-5p88-6546-29fh: Improper Authorization in Elastic Cloud Enterprise can lead to Privilege Escalation where the built-in readonly user can call APIs that should not be2025-11-08
CVEList
Elastic Cloud Enterprise Improper Authorization2025-11-07
CVE-2025-37736 — Incorrect Authorization in Elastic | cvebase