Elastic Kibana vulnerabilities

CVE-2024-43710 [MEDIUM] CWE-918 CVE-2024-43710: A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_che A server side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that return JSON could be accessed. This can be carried out by users with read access to Fleet.

CVE-2024-43707 [MEDIUM] CWE-200 CVE-2024-43707: An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent polici An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions.

CVE-2024-52973 [MEDIUM] CWE-770 CVE-2024-52973: An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a sp An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/log_entries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana.

CVE-2024-37285 [HIGH] CWE-502 CVE-2024-37285: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#role

CVE-2024-37288 [HIGH] CWE-502 CVE-2024-37288: A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security’s built-in AI tools https://www.elastic.co/guide/en/security/current/ai-for-security.html and have configured an Amazon Bedrock connector https://www.

CVE-2024-37287 [HIGH] CWE-94 CVE-2024-37287: A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.

CVE-2024-37281 [MEDIUM] CWE-400 CVE-2024-37281: An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to cra An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint.

CVE-2024-23443 [MEDIUM] CWE-400 CVE-2024-23443: A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of K A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack.

CVE-2024-23442 [MEDIUM] CWE-601 CVE-2024-23442: An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arb An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.

CVE-2024-37279 [MEDIUM] CWE-284 CVE-2024-37279: A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.

CVE-2024-23446 [MEDIUM] CWE-284 CVE-2024-23446: An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Documen An issue was discovered by Elastic, whereby the Detection Engine Search API does not respect Document-level security (DLS) or Field-level security (FLS) when querying the .alerts-security.alerts-{space_id} indices. Users who are authorized to call this API may obtain unauthorized access to documents if their roles are configured with DLS or FLS agai

CVE-2023-46675 [MEDIUM] CWE-532 CVE-2023-46675: An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in t An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error or in the event where debug level logging is enabled in Kibana. Elastic has released Kibana 8.11.2 which resolves this issue. The messages recorded in the log may contain Account credentials for the kibana_system user, API Keys, a

CVE-2023-46671 [MEDIUM] CWE-532 CVE-2023-46671: An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in t An issue was discovered by Elastic whereby sensitive information may be recorded in Kibana logs in the event of an error. Elastic has released Kibana 8.11.1 which resolves this issue. The error message recorded in the log may contain account credentials for the kibana_system user, API Keys, and credentials of Kibana end-users. The issue occurs infre

CVE-2021-22150 [HIGH] CWE-94 CVE-2021-22150: It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to It was discovered that a user with Fleet admin permissions could upload a malicious package. Due to using an older version of the js-yaml library, this package would be loaded in an insecure manner, allowing an attacker to execute commands on the Kibana server.

CVE-2021-22142 [HIGH] CWE-1104 CVE-2021-22142: Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to gener Kibana contains an embedded version of the Chromium browser that the Reporting feature uses to generate the downloadable reports. If a user with permissions to generate reports is able to render arbitrary HTML with this browser, they may be able to leverage known Chromium vulnerabilities to conduct further attacks. Kibana contains a number of protect

CVE-2021-22151 [MEDIUM] CWE-22 CVE-2021-22151: It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. It was discovered that Kibana was not validating a user supplied path, which would load .pbf files. Because of this, a malicious user could arbitrarily traverse the Kibana host to load internal files ending in the .pbf extension.

CVE-2023-31422 [HIGH] CWE-532 CVE-2023-31422: An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the e An issue was discovered by Elastic whereby sensitive information is recorded in Kibana logs in the event of an error. The issue impacts only Kibana version 8.10.0 when logging in the JSON layout or when the pattern layout is configured to log the %meta pattern. Elastic has released Kibana 8.10.1 which resolves this issue. The error object recorded in

CVE-2023-31415 [HIGH] CWE-94 CVE-2023-31415: Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to t Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.

CVE-2023-31414 [HIGH] CWE-94 CVE-2023-31414: Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write Kibana versions 8.0.0 through 8.7.0 contain an arbitrary code execution flaw. An attacker with write access to Kibana yaml or env configuration could add a specific payload that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.

CVE-2022-38779 [MEDIUM] CWE-601 CVE-2022-38779: An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arb An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.