BIT-ELK-2025-37728 Kibana Insufficiently Protected Credentials in the CrowdStrike Connector

Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...

CVE-2025-37728

Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...

EUVD-2025-32872

Insufficiently Protected Credentials in the Crowdstrike connector can lead to Crowdstrike credentials being leaked. A malicious user can access cached credentials from a Crowdstrike connector in another space by creating and running a Crowdstrike connector in a space to which they have access...

PT-2025-40996

Name of the Vulnerable Software and Affected Versions Kibana versions 7.x through 7.17.29 Kibana versions 8.18.0 through 8.18.7 Kibana versions 8.19.0 through 8.19.4 Kibana versions 9.0.0 through 9.0.7 Kibana versions 9.1.0 through 9.1.4 Description A security issue exists in the Kibana CrowdStri...