cve,link,title,description,vendor,products,score,severity,epss,cisa,cisa_published,article,ransomware,exploited,exploited_date,poc,trended,trended_no_1,trended_no_1_date,published,trended_score
CVE-2024-43708,https://securityvulnerability.io/vulnerability/CVE-2024-43708,Resource Allocation Flaw in Kibana by Elastic,"A resource allocation issue in Kibana allows for crashes triggered by specially crafted inputs. This vulnerability can be exploited by users with read access to any feature in Kibana, potentially disrupting the service and affecting users' experience.",Elastic,Kibana,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T10:27:30.753Z,0
CVE-2024-52975,https://securityvulnerability.io/vulnerability/CVE-2024-52975,Information Disclosure in Fleet Server by Elastic,"An information disclosure vulnerability exists in Fleet Server by Elastic, where sensitive data may be inadvertently logged at INFO and ERROR log levels. The exposed information depends on the enabled integrations, potentially leading to unintended data exposure. Users are urged to review their logging configurations and apply necessary updates to mitigate this risk.",Elastic,Fleet Server,9,CRITICAL,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T07:19:39.170Z,237
CVE-2024-52972,https://securityvulnerability.io/vulnerability/CVE-2024-52972,Resource Allocation Vulnerability in Kibana by Elastic,"A vulnerability in Kibana allows for resource allocation without proper limits or throttling. This can lead to service disruptions when specially crafted requests are sent to the /api/metrics/snapshot endpoint. Users with read access to the Observability Metrics or Logs features can exploit this flaw, potentially causing the system to crash.",Elastic,Kibana,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T06:11:10.715Z,0
CVE-2024-43707,https://securityvulnerability.io/vulnerability/CVE-2024-43707,Information Disclosure in Kibana Affects Elastic Products,"A security issue in Kibana allows unauthorized users to access Elastic Agent policies, potentially exposing sensitive data. The extent of the information disclosure varies based on the enabled integrations for the Elastic Agent and their versions. This vulnerability could lead to unauthorized access to sensitive configurations, emphasizing the need for securing user permissions within the Kibana interface.",Elastic,Kibana,7.7,HIGH,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T06:08:10.724Z,607
CVE-2024-43710,https://securityvulnerability.io/vulnerability/CVE-2024-43710,Server Side Request Forgery in Kibana by Elastic,"A server side request forgery vulnerability was discovered in Kibana, allowing users with read access to the Fleet feature to exploit the /api/fleet/health_check API. This security flaw enables the sending of unauthorized requests to internal endpoints over HTTPS, targeting those that return JSON responses. It is crucial for users of Kibana to update their systems and review access controls to mitigate potential risks associated with this vulnerability.",Elastic,Kibana,4.3,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-23T06:06:38.572Z,0
CVE-2024-52973,https://securityvulnerability.io/vulnerability/CVE-2024-52973,Resource Allocation Flaw in Kibana by Elastic,"A resource allocation issue in Kibana allows users with read access to the Observability-Logs feature to crash the application by sending a specially crafted request to the /api/log_entries/summary endpoint. This vulnerability does not impose limits or throttling, which can lead to severe application stability issues and unauthorized control over resource consumption.",Elastic,Kibana,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T11:04:06.547Z,0
CVE-2024-43709,https://securityvulnerability.io/vulnerability/CVE-2024-43709,OutOfMemoryError Vulnerability in Elasticsearch Products by Elastic,"A vulnerability exists in Elasticsearch that stems from inadequate resource allocation limits. This issue can potentially result in an OutOfMemoryError, causing the application to crash when specific malicious SQL queries are executed. Users of impacted versions should apply the necessary security updates to mitigate this risk.",Elastic,Elastic,7.5,HIGH,0.0004600000102072954,false,,false,false,false,,false,false,false,,2025-01-21T11:00:11.403Z,0
CVE-2024-37284,https://securityvulnerability.io/vulnerability/CVE-2024-37284,Improper Encoding Handling in Elastic Defend for Windows Systems,"An improper handling of alternate encoding vulnerability exists in Elastic Defend on Windows systems when processing files or processes encoded as multibyte characters. This flaw can trigger an uncaught exception, causing Elastic Defend to crash. As a result, the system may fail to quarantine malicious files or terminate harmful processes, potentially compromising system security.",Elastic,Elastic Defend,5.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,false,false,false,,2025-01-21T10:56:14.762Z,0
CVE-2024-12539,https://securityvulnerability.io/vulnerability/CVE-2024-12539,Security Flaw in Elasticsearch Exposing Sensitive Documents,"CVE-2024-12539 is a significant vulnerability identified in Elastic's Elasticsearch, where improper authorization controls can be exploited. This flaw allows a malicious user to bypass Document Level Security, granting them access to sensitive documents that their user roles should restrict. Such a security gap poses a severe risk to data privacy and integrity, potentially exposing organizations to unauthorized access and data breaches.",Elastic,Elasticsearch,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-12-17T20:50:04.968Z,0
CVE-2024-37285,https://securityvulnerability.io/vulnerability/CVE-2024-37285,Deserialization Flaw in Kibana by Elastic Search,"A deserialization issue in Kibana allows attackers to execute arbitrary code by manipulating YAML documents. This vulnerability arises when Kibana incorrectly processes crafted payloads, necessitating specific permissions on Elasticsearch indices and within Kibana. Attackers must possess both write privilege on system indices .kibana_ingest* and the ability to manipulate restricted indices, combined with comprehensive Kibana privileges. Such an exploit poses significant risks to systems utilizing Kibana for visualization and data analysis.",Elastic,Kibana,,,0.0004299999854993075,false,,true,false,true,2024-09-09T07:07:36.000Z,,false,false,,2024-11-14T17:15:00.000Z,0
CVE-2024-37288,https://securityvulnerability.io/vulnerability/CVE-2024-37288,Deserialization vulnerability in Kibana can lead to arbitrary code execution,"A vulnerability in Kibana has been identified, stemming from a deserialization issue that may allow for arbitrary code execution. This flaw occurs specifically when Kibana attempts to process a maliciously crafted YAML document. Only instances of Kibana that leverage Elastic Security’s integrated AI tools and have seamlessly configured an Amazon Bedrock connector are impacted. Users of these features should exercise caution and apply security updates to mitigate potential risks associated with this vulnerability.",Elastic,Kibana,8.8,HIGH,0.0005000000237487257,false,,false,false,false,,,false,false,,2024-09-09T08:29:51.918Z,0
CVE-2024-37287,https://securityvulnerability.io/vulnerability/CVE-2024-37287,Prototype Pollution Vulnerability in Kibana Allows Arbitrary Code Execution,"Summary: A critical security flaw has been identified in Kibana, a popular open-source data visualization and exploration tool, with a vulnerability that allows attackers to execute arbitrary code. The vulnerability, tracked as CVE-2024-37287, has a critical severity rating and affects various Kibana environments, including self-managed installations, instances running the Kibana Docker image, and those on Elastic Cloud. Users are strongly advised to upgrade to Kibana version 8.14.2 or 7.17.23 to address the flaw and protect their systems. There are no known exploitations in the wild by ransomware groups at this time.",Elastic,Kibana,7.2,HIGH,0.0004900000058114529,false,,true,false,true,2024-08-07T08:09:08.000Z,,false,false,,2024-08-13T11:33:45.520Z,0
CVE-2024-37283,https://securityvulnerability.io/vulnerability/CVE-2024-37283,Elastic Agent Leaks Secrets When Debug Logging Enabled,"An issue was discovered whereby Elastic Agent will leak secrets from the agent policy elastic-agent.yml only when the log level is configured to debug. By default the log level is set to info, where no leak occurs.",Elastic,Elastic Agent,,,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-08-12T13:38:00.000Z,0
CVE-2024-37286,https://securityvulnerability.io/vulnerability/CVE-2024-37286,Logging of Document Bodies in Elastic APM Server,"APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged.",Elastic,Apm Server,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-08-03T16:15:00.000Z,0
CVE-2024-23444,https://securityvulnerability.io/vulnerability/CVE-2024-23444,Unencrypted Private Keys Generated by elasticsearch-certutil CLI Tool,"A security flaw was identified in the elasticsearch-certutil CLI tool, specifically when utilizing the csr option to generate new Certificate Signing Requests. The vulnerability arises as the corresponding private key is saved unencrypted on disk, exposing it to potential unauthorized access, even in cases where the --pass parameter is included in the command. This oversight may lead to unauthorized use of sensitive data, posing significant risks to security.",Elastic,Elasticsearch,7.5,HIGH,0.0008699999889358878,false,,false,false,false,,,false,false,,2024-07-31T17:26:12.784Z,0
CVE-2024-37281,https://securityvulnerability.io/vulnerability/CVE-2024-37281,Kibana Denial of Service issue,"A vulnerability has been identified in Kibana that allows a user with a Viewer role to exploit the system's request handling functionality. By sending a substantial number of specially crafted requests to a designated endpoint, an attacker can cause the Kibana instance to experience crashes. This issue not only disrupts the service but also affects users' access to important analytics and visualizations, highlighting the need for prompt updates and security measures to mitigate such threats.",Elastic,Kibana,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-07-30T21:45:36.488Z,0
CVE-2023-49921,https://securityvulnerability.io/vulnerability/CVE-2023-49921,Elastic Addresses Security Issue in Watcher,"An issue was discovered by Elastic whereby Watcher search input logged the search query results on DEBUG log level. This could lead to raw contents of documents stored in Elasticsearch to be printed in logs. Elastic has released 8.11.2 and 7.17.16 that resolves this issue by removing this excessive logging. This issue only affects users that use Watcher and have a Watch defined that uses the search input and additionally have set the search input’s logger to DEBUG or finer, for example using: org.elasticsearch.xpack.watcher.input.search, org.elasticsearch.xpack.watcher.input, org.elasticsearch.xpack.watcher, or wider, since the loggers are hierarchical.",Elastic,Elasticsearch,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-07-26T05:10:33.913Z,0
CVE-2024-37282,https://securityvulnerability.io/vulnerability/CVE-2024-37282,Elevated Privileges Granted Through API Key Reuse,"A security issue has been identified within Elastic Cloud Enterprise, where an API key initially created with limited privileges can be exploited to generate new API keys with elevated privileges. This vulnerability can potentially allow unauthorized access to sensitive operations and resources, posing significant risks to data integrity and security. Organizations utilizing Elastic Cloud Enterprise are advised to take immediate steps to review their key management practices and apply necessary updates or patches to mitigate this risk.",Elastic,Elastic Cloud Enterprise,8.1,HIGH,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-28T04:58:18.200Z,0
CVE-2024-23443,https://securityvulnerability.io/vulnerability/CVE-2024-23443,Kibana Vulnerability Affecting Elastic Product,"A vulnerability in Kibana allows a high-privileged user to create and upload a custom osquery pack that could potentially disrupt the availability of the application. If exploited, this could lead to unintentional denial-of-service conditions, emphasizing the need for rigorous access controls and monitoring of user actions within Kibana.",Elastic,Kibana,4.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-19T13:47:29.166Z,0
CVE-2024-23442,https://securityvulnerability.io/vulnerability/CVE-2024-23442,Kibana Open Redirect Vulnerability Could Lead to Arbitrary Website Redirection,An open redirect issue was discovered in Kibana that could lead to a user being redirected to an arbitrary website if they use a maliciously crafted Kibana URL.,Elastic,Kibana,6.1,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-06-14T14:26:53.169Z,0
CVE-2024-37279,https://securityvulnerability.io/vulnerability/CVE-2024-37279,"Kibana Flaw Allows View-Only Users to Continuously Run Alerting Rules, Affecting System Availability","A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.",Elastic,Kibana,4.3,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-13T17:04:41.737Z,0
CVE-2024-37280,https://securityvulnerability.io/vulnerability/CVE-2024-37280,Elasticsearch Document Ingest Vulnerability,"A flaw was discovered in Elasticsearch, affecting document ingestion when an index template contains a dynamic field mapping of “passthrough” type. Under certain circumstances, ingesting documents in this index would cause a StackOverflow exception to be thrown and ultimately lead to a Denial of Service. Note that passthrough fields is an experimental feature.",Elastic,Elasticsearch,4.9,MEDIUM,0.0004400000034365803,false,,false,false,false,,,false,false,,2024-06-13T16:26:57.983Z,0
CVE-2024-23445,https://securityvulnerability.io/vulnerability/CVE-2024-23445,Elasticsearch Remote Cluster Search Cross Cluster API Key insufficient restrictions,"It was identified that if a  cross-cluster API key https://www.elastic.co/guide/en/elasticsearch/reference/8.14/security-api-create-cross-cluster-api-key.html#security-api-create-cross-cluster-api-key-request-body  restricts search for a given index using the query or the field_security parameter, and the same cross-cluster API key also grants replication for the same index, the search restrictions are not enforced during cross cluster search operations and search results may include documents and terms that should not be returned.

This issue only affects the  API key based security model for remote clusters https://www.elastic.co/guide/en/elasticsearch/reference/8.14/remote-clusters.html#remote-clusters-security-models  that was previously a beta feature and is released as GA with 8.14.0",Elastic,Elasticsearch,6.5,MEDIUM,0.0004299999854993075,false,,false,false,false,,,false,false,,2024-06-12T14:15:00.000Z,0
CVE-2024-23449,https://securityvulnerability.io/vulnerability/CVE-2024-23449,Elasticsearch Ingest Node Crashes When Parsing Encrypted PDFs,An uncaught exception in Elasticsearch >= 8.4.0 and < 8.11.1 occurs when an encrypted PDF is passed to an attachment processor through the REST API. The Elasticsearch ingest node that attempts to parse the PDF file will crash. This does not happen with password-protected PDF files or with unencrypted PDF files.,Elastic,Elasticsearch,5.3,MEDIUM,0.0004600000102072954,false,,false,false,false,,,false,false,,2024-03-29T11:12:49.067Z,0
CVE-2024-23451,https://securityvulnerability.io/vulnerability/CVE-2024-23451,Incorrect Authorization in Remote Cluster Security Could Allow Malicious Access to Arbitrary Documents,"Incorrect Authorization issue exists in the API key based security model for Remote Cluster Security, which is currently in Beta, in Elasticsearch 8.10.0 and before 8.13.0. This allows a malicious user with a valid API key for a remote cluster configured to use the new Remote Cluster Security to read arbitrary documents from any index on the remote cluster, and only if they use the Elasticsearch custom transport protocol to issue requests with the target index ID, the shard ID and the document ID. None of Elasticsearch REST API endpoints are affected by this issue.",Elastic,Elasticsearch,6.5,MEDIUM,0.0004900000058114529,false,,false,false,false,,,false,false,,2024-03-27T18:03:25.802Z,0