Lucene search
K

4 matches found

NVD
NVD
added 2024/11/14 5:15 p.m.31 views

CVE-2024-37285

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS0.01257EPSS
Exploits0References1
Cvelist
Cvelist
added 2024/11/14 4:49 p.m.28 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS0.01257EPSS
Exploits0References1
OSV
OSV
added 2024/11/14 4:49 p.m.4 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS7.9AI score0.01257EPSS
Exploits0References3
Vulnrichment
Vulnrichment
added 2024/11/14 4:49 p.m.11 views

CVE-2024-37285 Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges...

9.1CVSS7.7AI score0.01257EPSS
Exploits0References1
Rows per page
Query Builder