6 matches found
CVE-2026-33458
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
PT-2026-32429
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
EUVD-2026-20519
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
CVE-2026-33458
Server-Side Request Forgery CWE-918 in Kibana One Workflow can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially exposing sensitive internal endpoints and data...
CVE-2026-33458
Summary : CVE-2026-33458 describes a Server-Side Request Forgery (SSRF) in Kibana One Workflow that can lead to information disclosure. An authenticated user with workflow creation and execution privileges can bypass host allowlist restrictions in the Workflows Execution Engine, potentially expos...
PT-2026-31344
Name of the Vulnerable Software and Affected Versions Kibana versions affected versions not specified Description Kibana One Workflow contains a Server-Side Request Forgery CWE-918 issue that can lead to information disclosure. An authenticated user with workflow creation and execution privileges...