CVE-2025-68386
Published 2025-12-18
CVE-2025-68386: Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type…
Priority: P4 · 24 · medium · CVSS 3.1 base score 4.3
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
EPSS: 0.16% (6.0th percentile)
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the space via a crafted HTTP request.
Affected
7 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | 7.0.0 – 7.17.29 | — |
| elastic | kibana | >= 8.0.0 < 8.19.8 | 8.19.8 |
| elastic | kibana | 8.0.0 – 8.19.7 | — |
| elastic | kibana | >= 9.0.0 < 9.1.8 | 9.1.8 |
| elastic | kibana | 9.0.0 – 9.1.7 | — |
| elastic | kibana | >= 9.2.0 < 9.2.2 | 9.2.2 |
| elastic | kibana | 9.2.0 – 9.2.1 | — |
CVSS provenance
nvd · v3.1 · 4.3 MEDIUM · CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
vendor_redhat · 4.3 MEDIUM
GHSA
GHSA-xh25-gx5f-4hqg · ghsa_unreviewed · 2025-12-19 · MEDIUM · CWE-863
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the space via a crafted HTTP request.
Red Hat
Kibana: Kibana: Unauthorized Information Disclosure via Improper Authorization
vendor_redhat · 2025-12-18 · CVSS 4.3 · MEDIUM · CWE-863
A flaw was found in Kibana, where an authenticated user, through a crafted HTTP request, can exploit an Improper Authorization (CWE-285) vulnerability. This allows the user to change a document's sharing type to "global" without proper permissions. The consequence is unauthorized information disclosure, making the document visible to everyone in the space, effectively leading to a form of privilege escalation.
Statement:
No detection rules found.
No public exploits indexed.
Published: 2025-12-18