3 matches found
BIT-ELK-2025-68422 Kibana Improper Authorization
Improper Authorization CWE-285 in Kibana can lead to privilege escalation CAPEC-233 by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of li...
BIT-ELK-2024-43706 Kibana Improper Authorization
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint...
CVE-2024-43706 Kibana Improper Authorization
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint...