Elastic Kibana 8.12.2

CPE Details

Elastic Kibana 8.12.2
elastic
kibana
8.12.2
2024-08-16
14h25 +00:00
2024-08-16
14h25 +00:00
CPE NVD
Alerte pour un CPE
Stay informed of any changes for a specific CPE.
Notifications manage

CPE Name: cpe:2.3:a:elastic:kibana:8.12.2:*:*:*:*:*:*:*

Informations

Vendor

elastic

Product

kibana

Version

8.12.2

Related CVE

Open and find in CVE List

CVE ID Published Description Score Severity
CVE-2024-37287 2024-08-13 11h33 +00:00 A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.
9.1
Critical
CVE-2024-23443 2024-06-19 13h47 +00:00 A high-privileged user, allowed to create custom osquery packs 17 could affect the availability of Kibana by uploading a maliciously crafted osquery pack.
4.9
Medium
CVE-2024-23442 2024-06-14 14h26 +00:00 An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.
6.1
Medium
CVE-2024-37279 2024-06-13 17h04 +00:00 A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.
4.3
Medium