CVE-2025-25012

🗓️ 25 Jun 2025 11:52:53Reported by elasticType

cve🔗 web.nvd.nist.gov📰️ 2 Media mentions👁 52 Views

Kibana Open Redirect vulnerability can lead to user redirection to untrusted sites and server-side request forgery.

Reporter	Title	Published	Views	Family All 19
Chainguard	CVE-2025-25012 vulnerabilities	28 Jan 202619:17	–	cgr
Circl	CVE-2025-25012	6 Mar 202504:35	–	circl
CNNVD	Elastic Kibana 输入验证错误漏洞	25 Jun 202500:00	–	cnnvd
Cvelist	CVE-2025-25012 Kibana Open Redirect	25 Jun 202511:52	–	cvelist
Elastic	Kibana 8.17.3 / 8.16.6 Security Update (ESA-2025-06)	5 Mar 202509:41	–	elastic
Elastic	Kibana 7.17.29, 8.17.8, 8.18.3, 9.0.3 Security Update (ESA-2025-10)	24 Jun 202517:01	–	elastic
EUVD	EUVD-2025-19084	3 Oct 202520:07	–	euvd
Tenable Nessus	Kibana < 7.17.29 / 8.x < 8.17.18 / 8.18.x < 8.18.3 / 9.x < 9.0.3 Multiple Vulnerabilities (ESA-2025-09, ESA-2025-10)	7 Jul 202500:00	–	nessus
Tenable Nessus	Kibana 8.15.x < 8.17.3 (ESA_2025_06)	7 Mar 202500:00	–	nessus
NVD	CVE-2025-25012	25 Jun 202512:15	–	nvd

NVD

Node

elastic kibanaRange7.0.0–7.17.29

elastic kibanaRange8.0.0–8.17.8

elastic kibanaRange8.18.0–8.18.3

elastic kibanaRange9.0.0–9.0.3

[
  {
    "defaultStatus": "unaffected",
    "product": "Kibana",
    "repo": "https://github.com/elastic/kibana",
    "vendor": "Elastic",
    "versions": [
      {
        "lessThanOrEqual": "7.17.28",
        "status": "affected",
        "version": "7.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "8.17.7",
        "status": "affected",
        "version": "8.0.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "8.18.2",
        "status": "affected",
        "version": "8.18.0",
        "versionType": "semver"
      },
      {
        "lessThanOrEqual": "9.0.2",
        "status": "affected",
        "version": "9.0.0",
        "versionType": "semver"
      }
    ]
  }
]