CVE-2025-68422
Published 2025-12-18
Priority: P4 (medium), CVSS 3.1 base score 4.3 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N)
EPSS: 0.20% (9.6th percentile)
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
Affected (7 ranges)
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| elastic | kibana | — | — |
| elastic | kibana | 7.0.0 – 7.17.29 | — |
| elastic | kibana | >= 8.0.0 < 8.19.7 | 8.19.7 |
| elastic | kibana | 8.0.0 – 8.19.6 | — |
| elastic | kibana | >= 9.0.0 < 9.1.7 | 9.1.7 |
| elastic | kibana | 9.0.0 – 9.1.6 | — |
| elastic | kibana | >= 9.2.0 < 9.2.0 | 9.2.0 |
CVSS provenance
| Source | Version | Score | Severity | Vector |
|---|---|---|---|---|
| nvd | 3.1 | 4.3 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N |
| vendor_redhat | — | 4.3 | MEDIUM | — |
Red Hat
Kibana: Privilege escalation and information disclosure via improper authorization
vendor_redhat · 2025-12-18 · CVE-2025-68422 · MEDIUM · CWE-863 · CVSS 4.3
A flaw was found in Kibana. An authenticated user can exploit this vulnerability by sending a specially crafted HTTP request, which bypasses intended permission restrictions. This improper authorization allows an attacker, who lacks the "live queries - read" permission, to successfully retrieve the list of live queries, leading to information disclosure and potential privilege escalation.
GHSA
GHSA-v7q8-5286-xfvf: Improper Authorization (CWE-285) in Kibana (same description as above)
ghsa_unreviewed · 2025-12-19 · CVE-2025-68422 · MEDIUM · CWE-863
No detection rules found.
No public exploits indexed.
Published: 2025-12-18