Lucene search
K

4 matches found

Tenable Nessus
Tenable Nessus
added 2025/09/05 12:0 a.m.6 views

Kibana 9.0.x < 9.0.6 / 9.1.x < 9.1.3 Incorrect Authorization (ESA-2025-13)

The version of Kibana running on the remote host is prior to 9.0 prior to 9.0.6 or 9.1 prior to 9.1.3. It is, therefore, a vulnerability as referenced in the ESA-2025-13 advisory. - Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which...

6.5CVSS5.6AI score0.00254EPSS
Exploits0References2
Cvelist
Cvelist
added 2025/08/28 3:52 p.m.11 views

CVE-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces...

6.5CVSS0.00254EPSS
Exploits0References1
Elastic
Elastic
added 2025/08/28 3:35 p.m.11 views

Kibana 9.0.6, 9.1.3 Security Update (ESA-2025-13)

Kibana privilege escalation viareportinguser role ESA-2025-13 Incorrect authorization in Kibana can lead to privilege escalation via the built-in reportinguser role which incorrectly has the ability to access all Kibana Spaces. Affected Versions: Kibana versions starting from and including 9.0.0,...

6.5CVSS5.4AI score0.00254EPSS
Exploits0
Positive Technologies
Positive Technologies
added 2025/08/28 12:0 a.m.6 views

PT-2025-35100

Name of the Vulnerable Software and Affected Versions: Kibana affected versions not specified Description: Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting user role, which incorrectly has the ability to access all Kibana Spaces. Recommendations: At th...

6.5CVSS6.4AI score0.00254EPSS
Exploits0References7
Rows per page
Query Builder