Refine your search
48 vulnerabilities found for kibana by elastic
CERTFR-2025-AVI-1123
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 9.2.x antérieures à 9.2.3 | ||
| Elastic | Kibana | Kibana versions 9.2.x antérieures à 9.2.3 | ||
| Elastic | Kibana | Kibana versions antérieures à 8.19.9 | ||
| Elastic | N/A | Filebeat versions antérieures à 8.19.9 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.19.9 | ||
| Elastic | N/A | Filebeat versions 9.2.x antérieures à 9.2.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.0.x et 9.1.x antérieures à 9.1.9 | ||
| Elastic | Kibana | Kibana versions 9.0.x et 9.1.x antérieures à 9.1.9 | ||
| Elastic | N/A | Packetbeat versions 9.2.x antérieures à 9.2.3 | ||
| Elastic | N/A | Packetbeat versions 9.0.x et 9.1.x antérieures à 9.1.9 | ||
| Elastic | N/A | Filebeat versions 9.0.x et 9.1.x antérieures à 9.1.9 | ||
| Elastic | N/A | Packetbeat versions antérieures à 8.19.9 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 9.2.x ant\u00e9rieures \u00e0 9.2.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.2.x ant\u00e9rieures \u00e0 9.2.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.19.9",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Filebeat versions ant\u00e9rieures \u00e0 8.19.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.19.9",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Filebeat versions 9.2.x ant\u00e9rieures \u00e0 9.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.0.x et 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x et 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Packetbeat versions 9.2.x ant\u00e9rieures \u00e0 9.2.3",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Packetbeat versions 9.0.x et 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Filebeat versions 9.0.x et 9.1.x ant\u00e9rieures \u00e0 9.1.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Packetbeat versions ant\u00e9rieures \u00e0 8.19.9",
"product": {
"name": "N/A",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-68384",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68384"
},
{
"name": "CVE-2025-68381",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68381"
},
{
"name": "CVE-2025-68385",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68385"
},
{
"name": "CVE-2025-68389",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68389"
},
{
"name": "CVE-2025-68387",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68387"
},
{
"name": "CVE-2025-68422",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68422"
},
{
"name": "CVE-2025-68382",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68382"
},
{
"name": "CVE-2025-68388",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68388"
},
{
"name": "CVE-2025-68390",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68390"
},
{
"name": "CVE-2025-68386",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68386"
},
{
"name": "CVE-2025-68383",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-68383"
}
],
"initial_release_date": "2025-12-19T00:00:00",
"last_revision_date": "2025-12-19T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1123",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-19T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-38",
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-34",
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-31",
"url": "https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-31/384179"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-30",
"url": "https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-30/384178"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-36",
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-36/384184"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-35",
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-35/384183"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-32",
"url": "https://discuss.elastic.co/t/filebeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-32/384180"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-33",
"url": "https://discuss.elastic.co/t/elasticsearch-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-33/384181"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-39",
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-37",
"url": "https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-37/384185"
},
{
"published_at": "2025-12-18",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-29",
"url": "https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177"
}
]
}
CERTFR-2025-AVI-1112
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.19.8 | ||
| Elastic | Kibana | Kibana versions 9.2.x antérieures à 9.2.2 | ||
| Elastic | Kibana | Kibana versions antérieures à 8.19.8 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.2.x antérieures à 9.2.2 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.1.x antérieures à 9.1.8 | ||
| Elastic | Kibana | Kibana versions 9.1.x antérieures à 9.1.8 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.19.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.2.x ant\u00e9rieures \u00e0 9.2.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.19.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.2.x ant\u00e9rieures \u00e0 9.2.2",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.1.x ant\u00e9rieures \u00e0 9.1.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37732",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37732"
},
{
"name": "CVE-2025-37731",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37731"
}
],
"initial_release_date": "2025-12-15T00:00:00",
"last_revision_date": "2025-12-15T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1112",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-12-15T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-28",
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-28/384064"
},
{
"published_at": "2025-12-15",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-27",
"url": "https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-27/384063"
}
]
}
CERTFR-2025-AVI-1001
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans Elastic Kibana. Elles permettent à un attaquant de provoquer une falsification de requêtes côté serveur (SSRF) et une injection de code indirecte à distance (XSS).
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.19.7",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.2.x ant\u00e9rieures \u00e0 9.2.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.7",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37734",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37734"
},
{
"name": "CVE-2025-59840",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-59840"
}
],
"initial_release_date": "2025-11-13T00:00:00",
"last_revision_date": "2025-11-13T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-1001",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF)"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans Elastic Kibana. Elles permettent \u00e0 un attaquant de provoquer une falsification de requ\u00eates c\u00f4t\u00e9 serveur (SSRF) et une injection de code indirecte \u00e0 distance (XSS).",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Elastic Kibana",
"vendor_advisories": [
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-25",
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-9-2-1-security-update-esa-2025-25/383379"
},
{
"published_at": "2025-11-12",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-24",
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-24/383381"
}
]
}
CERTFR-2025-AVI-0849
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une atteinte à la confidentialité des données, une injection de code indirecte à distance (XSS) et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Kibana | Kibana versions 9.0.x antérieures à 9.0.8 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Kibana | Kibana versions 8.19.x antérieures à 8.19.5 | ||
| Elastic | Kibana | Kibana versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions 9.1.x antérieures à 9.1.5 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.18.8 | ||
| Elastic | Kibana | Kibana - Crowdstrike Connector versions antérieures à 8.18.8 | ||
| Elastic | Kibana | Kibana versions antérieures à 8.18.8 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.19.x ant\u00e9rieures \u00e0 8.19.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions 9.1.x ant\u00e9rieures \u00e0 9.1.5",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana - Crowdstrike Connector versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.18.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37728",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37728"
},
{
"name": "CVE-2025-25017",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25017"
},
{
"name": "CVE-2025-37727",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37727"
},
{
"name": "CVE-2025-25009",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25009"
},
{
"name": "CVE-2025-25018",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25018"
}
],
"initial_release_date": "2025-10-07T00:00:00",
"last_revision_date": "2025-10-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0849",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-10-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es, une injection de code indirecte \u00e0 distance (XSS) et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-16",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-4-9-0-7-9-1-4-security-update-esa-2025-16/382450"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-20",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-and-9-1-5-security-update-esa-2025-20/382449"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-19",
"url": "https://discuss.elastic.co/t/kibana-crowdstrike-connector-8-18-8-8-19-5-9-0-8-and-9-1-5-security-update-esa-2025-19/382455"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-18",
"url": "https://discuss.elastic.co/t/elasticsearch-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-18/382453"
},
{
"published_at": "2025-10-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-17",
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-17/382451"
}
]
}
CERTFR-2025-AVI-0738
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une élévation de privilèges et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions 9.0.x antérieures à 9.0.6 | ||
| Elastic | Enterprise Search | Enterprise Search versions 8.x antérieures à 8.18.6 | ||
| Elastic | Enterprise Search | Enterprise Search versions 8.19.x antérieures à 8.19.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.18.x antérieures à 8.18.6 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.1.x antérieures à 9.1.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.19.x antérieures à 8.19.3 | ||
| Elastic | Kibana | Kibana versions 9.1.x antérieures à 9.1.3 | ||
| Elastic | Kibana | Kibana versions 9.0.x antérieures à 9.0.6 |
References
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 8.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Enterprise Search",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Enterprise Search versions 8.19.x ant\u00e9rieures \u00e0 8.19.3",
"product": {
"name": "Enterprise Search",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.18.x ant\u00e9rieures \u00e0 8.18.6",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.1.x ant\u00e9rieures \u00e0 9.1.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.19.x ant\u00e9rieures \u00e0 8.19.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.1.x ant\u00e9rieures \u00e0 9.1.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.6",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-54988",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-54988"
},
{
"name": "CVE-2025-25010",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25010"
}
],
"initial_release_date": "2025-08-29T00:00:00",
"last_revision_date": "2025-08-29T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0738",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-08-29T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-15",
"url": "https://discuss.elastic.co/t/enterprise-search-8-18-6-8-19-3-security-update-esa-2025-15-cve-2025-54988/381428"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-14",
"url": "https://discuss.elastic.co/t/elasticsearch-8-18-6-8-19-3-9-0-6-and-9-1-3-security-update-esa-2025-14-cve-2025-54988/381427"
},
{
"published_at": "2025-08-28",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-13",
"url": "https://discuss.elastic.co/t/kibana-9-0-6-9-1-3-security-update-esa-2025-13/381426"
}
]
}
CERTFR-2025-AVI-0533
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.18.x ant\u00e9rieures \u00e0 8.18.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x ant\u00e9rieures \u00e0 8.17.8",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions ant\u00e9rieures \u00e0 7.17.29",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-2135",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-2135"
},
{
"name": "CVE-2025-25012",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25012"
}
],
"initial_release_date": "2025-06-25T00:00:00",
"last_revision_date": "2025-06-25T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0533",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-25T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans Elastic Kibana",
"vendor_advisories": [
{
"published_at": "2025-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-09",
"url": "https://discuss.elastic.co/t/kibana-7-17-29-8-17-8-8-18-3-9-0-3-security-update-esa-2025-09/379443"
},
{
"published_at": "2025-06-24",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-10",
"url": "https://discuss.elastic.co/t/kibana-7-17-29-8-17-8-8-18-3-9-0-3-security-update-esa-2025-10/379444"
}
]
}
CERTFR-2025-AVI-0494
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elastic Kibana. Elle permet à un attaquant de provoquer un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.12.x ant\u00e9rieures \u00e0 8.12.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-43706",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43706"
}
],
"initial_release_date": "2025-06-11T00:00:00",
"last_revision_date": "2025-06-11T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0494",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-06-11T00:00:00.000000"
}
],
"risks": [
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Kibana. Elle permet \u00e0 un attaquant de provoquer un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Vuln\u00e9rabilit\u00e9 dans Elastic Kibana",
"vendor_advisories": [
{
"published_at": "2025-06-10",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-21",
"url": "https://discuss.elastic.co/t/kibana-8-12-1-security-update-esa-2024-21/379064"
}
]
}
CERTFR-2025-AVI-0377
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance et un contournement de la politique de sécurité.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions antérieures à 8.17.6 | ||
| Elastic | Logstash | Logstash versions 8.18.x antérieures à 8.18.1 | ||
| Elastic | Logstash | Logstash versions antérieures à 8.17.6 | ||
| Elastic | Kibana | Kibana versions 8.18.x antérieures à 8.18.1 | ||
| Elastic | Logstash | Logstash versions 9.0.x antérieures à 9.0.1 | ||
| Elastic | Kibana | Kibana versions 9.0.x antérieures à 9.0.1 |
References
| Title | Publication Time | Tags | ||||||
|---|---|---|---|---|---|---|---|---|
|
||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions ant\u00e9rieures \u00e0 8.17.6",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions 8.18.x ant\u00e9rieures \u00e0 8.18.1",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions ant\u00e9rieures \u00e0 8.17.6",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.18.x ant\u00e9rieures \u00e0 8.18.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions 9.0.x ant\u00e9rieures \u00e0 9.0.1",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.0.x ant\u00e9rieures \u00e0 9.0.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37730",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37730"
},
{
"name": "CVE-2025-25014",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25014"
}
],
"initial_release_date": "2025-05-07T00:00:00",
"last_revision_date": "2025-05-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0377",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance et un contournement de la politique de s\u00e9curit\u00e9.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-07",
"url": "https://discuss.elastic.co/t/kibana-8-17-6-8-18-1-or-9-0-1-security-update-esa-2025-07/377868"
},
{
"published_at": "2025-05-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-08",
"url": "https://discuss.elastic.co/t/logstash-8-17-6-8-18-1-and-9-0-1-security-update-esa-2025-08/377869"
}
]
}
CERTFR-2025-AVI-0359
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 7.17.25 | ||
| Elastic | Kibana | Kibana versions 7.17.x postérieures à 7.14.6 et antérieures à 7.17.24 | ||
| Elastic | APM Server | APM Server versions 8.x antérieures à 8.16.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions antérieures à 8.16.0 | ||
| Elastic | Logstash | Logstash versions 8.15.x antérieures à 8.15.3 | ||
| Elastic | Elastic Agent | Elastic Agent versions antérieures à 8.15.4 | ||
| Elastic | Elastic Agent | Elastic Agent versions antérieures à 7.17.25 | ||
| Elastic | Kibana | Kibana versions 8.x antérieures à 8.13.0 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 7.17.25",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x post\u00e9rieures \u00e0 7.14.6 et ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "APM Server versions 8.x ant\u00e9rieures \u00e0 8.16.1",
"product": {
"name": "APM Server",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions ant\u00e9rieures \u00e0 8.16.0",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions 8.15.x ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions ant\u00e9rieures \u00e0 8.15.4",
"product": {
"name": "Elastic Agent",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Agent versions ant\u00e9rieures \u00e0 7.17.25",
"product": {
"name": "Elastic Agent",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x ant\u00e9rieures \u00e0 8.13.0",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-47561",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-47561"
},
{
"name": "CVE-2023-46669",
"url": "https://www.cve.org/CVERecord?id=CVE-2023-46669"
},
{
"name": "CVE-2024-52979",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52979"
},
{
"name": "CVE-2024-11994",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11994"
},
{
"name": "CVE-2024-11390",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-11390"
},
{
"name": "CVE-2025-25016",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25016"
},
{
"name": "CVE-2024-52976",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52976"
}
],
"initial_release_date": "2025-05-02T00:00:00",
"last_revision_date": "2025-05-02T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0359",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-05-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Injection de code indirecte \u00e0 distance (XSS)"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-47",
"url": "https://discuss.elastic.co/t/kibana-7-17-19-and-8-13-0-security-update-esa-2024-47/377711"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-39",
"url": "https://discuss.elastic.co/t/elastic-agent-7-17-25-and-8-15-4-security-update-esa-2024-39/377708"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-03",
"url": "https://discuss.elastic.co/t/elastic-agent-elastic-endpoint-security-security-update-esa-2025-03/377706"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-20",
"url": "https://discuss.elastic.co/t/kibana-7-17-24-and-8-12-0-security-update-esa-2024-20/377712"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-38",
"url": "https://discuss.elastic.co/t/logstash-8-15-3-security-update-esa-2024-38/377707"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-40",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-25-and-8-16-0-security-update-esa-2024-40/377709"
},
{
"published_at": "2025-05-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-41",
"url": "https://discuss.elastic.co/t/apm-server-8-16-1-security-update-esa-2024-41/377710"
}
]
}
CERTFR-2025-AVI-0298
Vulnerability from certfr_avis
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions 8.17.x antérieures à 8.17.2 | ||
| Elastic | Logstash | Logstash versions antérieures à 8.15.3 | ||
| Elastic | Elastic Defend | Elastic Defend versions antérieures à 8.17.3 | ||
| Elastic | Kibana | Kibana versions 8.16.x antérieures à 8.16.4 | ||
| Elastic | Kibana | Kibana versions 7.17.x antérieures à 7.17.23 | ||
| Elastic | Kibana | Kibana versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.17.x antérieures à 7.17.24 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.17.x ant\u00e9rieures \u00e0 8.17.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions ant\u00e9rieures \u00e0 8.17.3",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.16.x ant\u00e9rieures \u00e0 8.16.4",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.17.x ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12556"
},
{
"name": "CVE-2024-43380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43380"
},
{
"name": "CVE-2024-52980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52980"
},
{
"name": "CVE-2025-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25013"
},
{
"name": "CVE-2024-52974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52974"
},
{
"name": "CVE-2024-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52981"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
}
],
"initial_release_date": "2025-04-09T00:00:00",
"last_revision_date": "2025-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0298",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-37",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-02",
"url": "https://discuss.elastic.co/t/kibana-8-16-4-and-8-17-2-security-update-esa-2025-02/376918"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-35",
"url": "https://discuss.elastic.co/t/logstash-8-15-1-security-update-esa-2024-35/376920"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-34",
"url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-05",
"url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-48",
"url": "https://discuss.elastic.co/t/logstash-8-15-3-8-16-0-security-update-esa-2024-48/376922"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-36",
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-15-1-security-update-esa-2024-36/376923"
}
]
}
CERTFR-2025-AVI-0178
Vulnerability from certfr_avis
Une vulnérabilité a été découverte dans Elastic Kibana. Elle permet à un attaquant de provoquer une exécution de code arbitraire à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
Impacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.15.x \u00e0 8.17.x ant\u00e9rieures \u00e0 8.17.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-25015",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25015"
}
],
"initial_release_date": "2025-03-05T00:00:00",
"last_revision_date": "2025-03-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0178",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-03-05T00:00:00.000000"
},
{
"description": "Modification de l\u0027identifiant CVE (CVE-2025-25012) suite \u00e0 l\u0027erratum de l\u0027\u00e9diteur.",
"revision_date": "2025-03-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Kibana. Elle permet \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance.",
"title": "Vuln\u00e9rabilit\u00e9 dans Elastic Kibana",
"vendor_advisories": [
{
"published_at": "2025-03-05",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-06",
"url": "https://discuss.elastic.co/t/kibana-8-17-3-security-update-esa-2025-06/375441"
}
]
}
CVE-2025-68422 (GCVE-0-2025-68422)
Vulnerability from nvd
Published
2025-12-18 22:32
Modified
2025-12-19 15:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:37:03.258242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:37:15.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.6",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.6",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "9.2.0",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.\u003c/p\u003e"
}
],
"value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:32:17.341Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Authorization",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68422",
"datePublished": "2025-12-18T22:32:17.341Z",
"dateReserved": "2025-12-17T14:30:39.402Z",
"dateUpdated": "2025-12-19T15:37:15.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68389 (GCVE-0-2025-68389)
Vulnerability from nvd
Published
2025-12-18 22:14
Modified
2025-12-19 15:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:34:31.561404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:34:41.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAllocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.\u003c/p\u003e"
}
],
"value": "Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:14:51.573Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-36/384184"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Allocation of Resources Without Limits or Throttling",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68389",
"datePublished": "2025-12-18T22:14:51.573Z",
"dateReserved": "2025-12-16T19:18:49.563Z",
"dateUpdated": "2025-12-19T15:34:41.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68387 (GCVE-0-2025-68387)
Vulnerability from nvd
Published
2025-12-18 22:11
Modified
2025-12-19 15:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:33:17.354782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:33:35.481Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:11:39.034Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-35/384183"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68387",
"datePublished": "2025-12-18T22:11:39.034Z",
"dateReserved": "2025-12-16T19:18:49.563Z",
"dateUpdated": "2025-12-19T15:33:35.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68386 (GCVE-0-2025-68386)
Vulnerability from nvd
Published
2025-12-18 22:21
Modified
2025-12-19 15:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:36:31.024126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:36:42.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.1",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document\u0027s sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.\u003c/p\u003e"
}
],
"value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document\u0027s sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:21:09.453Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Authorization",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68386",
"datePublished": "2025-12-18T22:21:09.453Z",
"dateReserved": "2025-12-16T19:18:49.562Z",
"dateUpdated": "2025-12-19T15:36:42.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68385 (GCVE-0-2025-68385)
Vulnerability from nvd
Published
2025-12-18 22:08
Modified
2025-12-19 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:20:05.956067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:20:17.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:08:37.833Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68385",
"datePublished": "2025-12-18T22:08:37.833Z",
"dateReserved": "2025-12-16T17:26:09.355Z",
"dateUpdated": "2025-12-19T15:20:17.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37732 (GCVE-0-2025-37732)
Vulnerability from nvd
Published
2025-12-15 10:21
Modified
2025-12-15 13:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T13:15:20.360899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T13:28:41.695Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.1",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to render HTML tags within a user\u2019s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to render HTML tags within a user\u2019s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T10:21:07.640Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-28/384064"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Cross-site Scripting via the Integration Package Upload Functionality",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37732",
"datePublished": "2025-12-15T10:21:07.640Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-12-15T13:28:41.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37734 (GCVE-0-2025-37734)
Vulnerability from nvd
Published
2025-11-12 09:57
Modified
2025-11-12 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:16:20.420596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T14:16:35.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"repo": "https://github.com/kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.19.6",
"status": "affected",
"version": "8.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.6",
"status": "affected",
"version": "9.1.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant."
}
],
"value": "Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:57:22.782Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-24/383381"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kibana Origin Validation Error",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37734",
"datePublished": "2025-11-12T09:57:22.782Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-11-12T14:16:35.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37735 (GCVE-0-2025-37735)
Vulnerability from nvd
Published
2025-11-06 14:27
Modified
2025-11-07 04:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-281 - Improper Preservation of Permissions
Summary
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T04:56:11.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.19.5",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.5",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T14:27:26.235Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37735",
"datePublished": "2025-11-06T14:27:26.235Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-11-07T04:56:11.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25018 (GCVE-0-2025-25018)
Vulnerability from nvd
Published
2025-10-10 09:50
Modified
2025-10-14 03:55
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25018",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-09T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-14T03:55:14.473Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"repo": "https://github.com/kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.18.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.4",
"status": "affected",
"version": "8.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.4",
"status": "affected",
"version": "9.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Neutralization of Input During Web Page Generation\u003c/span\u003e in Kibana can lead to stored Cross-Site Scripting (XSS)\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation in Kibana can lead to stored Cross-Site Scripting (XSS)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T09:51:21.105Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-9-1-5-security-update-esa-2025-17/382451"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kibana Stored Cross-Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-25018",
"datePublished": "2025-10-10T09:50:35.448Z",
"dateReserved": "2025-01-31T15:28:16.918Z",
"dateUpdated": "2025-10-14T03:55:14.473Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25017 (GCVE-0-2025-25017)
Vulnerability from nvd
Published
2025-10-10 09:53
Modified
2025-10-10 16:43
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25017",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-10T16:43:44.510281Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T16:43:55.939Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"repo": "https://github.com/kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.18.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.3",
"status": "affected",
"version": "8.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.6",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.3",
"status": "affected",
"version": "9.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003e\u003cspan style=\"background-color: rgb(255, 255, 255);\"\u003eImproper Neutralization of Input During Web Page Generation\u003c/span\u003e in Kibana can lead to Cross-Site Scripting (XSS)\u003c/p\u003e\u003cbr\u003e\u003cbr\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation in Kibana can lead to Cross-Site Scripting (XSS)"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-10T09:53:25.634Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-4-9-0-7-9-1-4-security-update-esa-2025-16/382450"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kibana Stored Cross-Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-25017",
"datePublished": "2025-10-10T09:53:25.634Z",
"dateReserved": "2025-01-31T15:28:16.918Z",
"dateUpdated": "2025-10-10T16:43:55.939Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-25009 (GCVE-0-2025-25009)
Vulnerability from nvd
Published
2025-10-07 13:59
Modified
2025-10-07 14:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25009",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-07T14:25:43.077649Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T14:37:39.070Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"repo": "https://github.com/elastic/kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.18.7",
"status": "affected",
"version": "8.14.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.4",
"status": "affected",
"version": "8.19.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.0.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.4",
"status": "affected",
"version": "9.1.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003e\u003cp\u003e\u003cspan style=\"background-color: transparent;\"\u003eImproper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload.\u003c/span\u003e\u003c/p\u003e\u003c/span\u003e"
}
],
"value": "Improper Neutralization of Input During Web Page Generation in Kibana can lead to Stored XSS via case file upload."
}
],
"impacts": [
{
"capecId": "CAPEC-592",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-592 Stored XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-07T13:59:00.890Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-18-8-8-19-5-9-0-8-and-9-1-5-security-update-esa-2025-20/382449"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kibana Cross-Site Scripting (XSS)",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-25009",
"datePublished": "2025-10-07T13:59:00.890Z",
"dateReserved": "2025-01-31T15:28:16.917Z",
"dateUpdated": "2025-10-07T14:37:39.070Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-68422 (GCVE-0-2025-68422)
Vulnerability from cvelistv5
Published
2025-12-18 22:32
Modified
2025-12-19 15:37
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68422",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:37:03.258242Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:37:15.618Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.6",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.6",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThan": "9.2.0",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.\u003c/p\u003e"
}
],
"value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:32:17.341Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Authorization",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68422",
"datePublished": "2025-12-18T22:32:17.341Z",
"dateReserved": "2025-12-17T14:30:39.402Z",
"dateUpdated": "2025-12-19T15:37:15.618Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68386 (GCVE-0-2025-68386)
Vulnerability from cvelistv5
Published
2025-12-18 22:21
Modified
2025-12-19 15:36
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-863 - Incorrect Authorization
Summary
Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to "global," even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68386",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:36:31.024126Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:36:42.060Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.1",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document\u0027s sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.\u003c/p\u003e"
}
],
"value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document\u0027s sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:21:09.453Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Authorization",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68386",
"datePublished": "2025-12-18T22:21:09.453Z",
"dateReserved": "2025-12-16T19:18:49.562Z",
"dateUpdated": "2025-12-19T15:36:42.060Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68389 (GCVE-0-2025-68389)
Vulnerability from cvelistv5
Published
2025-12-18 22:14
Modified
2025-12-19 15:34
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-770 - Allocation of Resources Without Limits or Throttling
Summary
Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68389",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:34:31.561404Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:34:41.465Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eAllocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request.\u003c/p\u003e"
}
],
"value": "Allocation of Resources Without Limits or Throttling (CWE-770) in Kibana can allow a low-privileged authenticated user to cause Excessive Allocation (CAPEC-130) of computing resources and a denial of service (DoS) of the Kibana process via a crafted HTTP request."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-770",
"description": "CWE-770 Allocation of Resources Without Limits or Throttling",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:14:51.573Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-36/384184"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Allocation of Resources Without Limits or Throttling",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68389",
"datePublished": "2025-12-18T22:14:51.573Z",
"dateReserved": "2025-12-16T19:18:49.563Z",
"dateUpdated": "2025-12-19T15:34:41.465Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68387 (GCVE-0-2025-68387)
Vulnerability from cvelistv5
Published
2025-12-18 22:11
Modified
2025-12-19 15:33
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68387",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:33:17.354782Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:33:35.481Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an unauthenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a vulnerability a function handler in the Vega AST evaluator."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.1,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:11:39.034Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-35/384183"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68387",
"datePublished": "2025-12-18T22:11:39.034Z",
"dateReserved": "2025-12-16T19:18:49.563Z",
"dateUpdated": "2025-12-19T15:33:35.481Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-68385 (GCVE-0-2025-68385)
Vulnerability from cvelistv5
Published
2025-12-18 22:08
Modified
2025-12-19 15:20
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-68385",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-19T15:20:05.956067Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-19T15:20:17.003Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.8",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.8",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.2",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to embed a malicious script in content that will be served to web browsers causing cross-site scripting (XSS) (CAPEC-63) via a method in Vega bypassing a previous Vega XSS mitigation."
}
],
"impacts": [
{
"capecId": "CAPEC-63",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-63 Cross-Site Scripting (XSS)"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-18T22:08:37.833Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-68385",
"datePublished": "2025-12-18T22:08:37.833Z",
"dateReserved": "2025-12-16T17:26:09.355Z",
"dateUpdated": "2025-12-19T15:20:17.003Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37732 (GCVE-0-2025-37732)
Vulnerability from cvelistv5
Published
2025-12-15 10:21
Modified
2025-12-15 13:28
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-79 - Improper Neutralization of Input During Web Page Generation (XSS or 'Cross-site Scripting')
Summary
Improper neutralization of input during web page generation ('Cross-site Scripting') (CWE-79) allows an authenticated user to render HTML tags within a user’s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37732",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-12-15T13:15:20.360899Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T13:28:41.695Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "7.17.29",
"status": "affected",
"version": "7.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.7",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.7",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.1",
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to render HTML tags within a user\u2019s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection.\u003c/p\u003e"
}
],
"value": "Improper neutralization of input during web page generation (\u0027Cross-site Scripting\u0027) (CWE-79) allows an authenticated user to render HTML tags within a user\u2019s browser via the integration package upload functionality. This issue is related to ESA-2025-17 (CVE-2025-25018) bypassing that fix to achieve HTML injection."
}
],
"impacts": [
{
"capecId": "CAPEC-591",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-591 Reflected XSS"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.4,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-79",
"description": "CWE-79 Improper Neutralization of Input During Web Page Generation (XSS or \u0027Cross-site Scripting\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-12-15T10:21:07.640Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-28/384064"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Kibana Cross-site Scripting via the Integration Package Upload Functionality",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37732",
"datePublished": "2025-12-15T10:21:07.640Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-12-15T13:28:41.695Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37734 (GCVE-0-2025-37734)
Vulnerability from cvelistv5
Published
2025-11-12 09:57
Modified
2025-11-12 14:16
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-346 - Origin Validation Error
Summary
Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37734",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-12T14:16:20.420596Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T14:16:35.035Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Kibana",
"repo": "https://github.com/kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.19.6",
"status": "affected",
"version": "8.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.6",
"status": "affected",
"version": "9.1.0",
"versionType": "semver"
},
{
"status": "affected",
"version": "9.2.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant."
}
],
"value": "Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant."
}
],
"impacts": [
{
"capecId": "CAPEC-664",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-664 Server Side Request Forgery"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-346",
"description": "CWE-346 Origin Validation Error",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-12T09:57:22.782Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-24/383381"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Kibana Origin Validation Error",
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37734",
"datePublished": "2025-11-12T09:57:22.782Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-11-12T14:16:35.035Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-37735 (GCVE-0-2025-37735)
Vulnerability from cvelistv5
Published
2025-11-06 14:27
Modified
2025-11-07 04:56
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- CWE-281 - Improper Preservation of Permissions
Summary
Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-37735",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-11-06T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-11-07T04:56:11.390Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Kibana",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "8.19.5",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.1.5",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eImproper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation.\u003c/p\u003e\u003cbr\u003e"
}
],
"value": "Improper preservation of permissions in Elastic Defend on Windows hosts can lead to arbitrary files on the system being deleted by the Defend service running as SYSTEM. In some cases, this could result in local privilege escalation."
}
],
"impacts": [
{
"capecId": "CAPEC-233",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-233 Privilege Escalation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-281",
"description": "CWE-281 Improper Preservation of Permissions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-11-06T14:27:26.235Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272"
}
],
"source": {
"discovery": "UNKNOWN"
},
"x_generator": {
"engine": "Vulnogram 0.5.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-37735",
"datePublished": "2025-11-06T14:27:26.235Z",
"dateReserved": "2025-04-16T03:24:04.511Z",
"dateUpdated": "2025-11-07T04:56:11.390Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}