Lucene search

12 matches found

EUVD
added 2025/10/03 8:7 p.m. | 2 views

EUVD-2025-26116

Malicious code in bioql PyPI...

CVSS 6.5 | AI score 6.3 | EPSS 0.00044
Exploits: 0 | References: 1
OSV
added 2025/08/30 8:41 a.m. | 3 views

BIT-KIBANA-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces...

CVSS 6.5 | AI score 7.2 | EPSS 0.00044
Exploits: 0 | References: 2
OSV
added 2025/08/30 8:38 a.m. | 3 views

BIT-ELK-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces...

CVSS 6.5 | AI score 7.2 | EPSS 0.00044
Exploits: 0 | References: 2
Snyk
added 2025/08/28 4:42 p.m. | 1 views

Incorrect Authorization

Overview: kibana is an open source, Apache Licensed, browser-based analytics and search dashboard for Elasticsearch. Affected versions of this package are vulnerable to Incorrect Authorization via the built-in reporting_user role, which incorrectly grants access to all Spaces. An attacker can gai...

CVSS 7.1 | AI score 7.1 | EPSS 0.00044
Exploits: 0 | References: 2
OSV
added 2025/08/28 4:15 p.m. | 1 views

CVE-2025-25010

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces...

CVSS 6.5 | AI score 7.2
Exploits: 0 | References: 1
NVD
added 2025/08/28 4:15 p.m. | 2 views

CVE-2025-25010

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces...

CVSS 6.5 | EPSS 0.00044
Exploits: 0 | References: 1
CVE
added 2025/08/28 3:52 p.m. | 13 views

CVE-2025-25010

The CVE-2025-25010 issue is an incorrect authorization flaw in Kibana where the built-in reporting_user role can access all Kibana Spaces, enabling privilege escalation. Affected versions are Kibana 9.0.x from 9.0.0 through 9.0.5 and 9.1.x from 9.1.0 through 9.1.2. The root cause is improper auth...

CVSS 6.5 | AI score 6.7 | EPSS 0.00044
Exploits: 0 | References: 1 | Affected Software: 1
Cvelist
added 2025/08/28 3:52 p.m. | 5 views

CVE-2025-25010 Kibana privilege escalation via reporting_user role

Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting_user role which incorrectly has the ability to access all Kibana Spaces...

CVSS 6.5 | EPSS 0.00044
Exploits: 0 | References: 1
Positive Technologies
added 2025/08/28 12:0 a.m. | 2 views

PT-2025-35100

Name of the Vulnerable Software and Affected Versions: Kibana (affected versions not specified). Description: Incorrect authorization in Kibana can lead to privilege escalation via the built-in reporting user role, which incorrectly has the ability to access all Kibana Spaces. Recommendations: At th...

CVSS 6.5 | AI score 6.4 | EPSS 0.00044
Exploits: 0 | References: 7
CNNVD
added 2025/08/28 12:0 a.m. | 2 views

Elastic Kibana Security Vulnerability

Elastic Kibana is data visualization dashboard software from Elastic. A security vulnerability exists in Elastic Kibana that stems from improper authorization of the built-in reporting_user role, which could lead to elevated privileges...

CVSS 6.5 | AI score 6.4 | EPSS 0.00044
Exploits: 0 | References: 2
OSV
added 2017/08/18 8:29 p.m. | 1 views

CVE-2017-8446

The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to...

CVSS 5.3 | AI score 5.8 | EPSS 0.00145
Exploits: 0 | References: 1
Prion
added 2017/08/18 8:29 p.m. | 14 views

Security feature bypass

The Reporting feature in X-Pack in versions prior to 5.5.2 and standalone Reporting plugin versions prior to 2.4.6 had an impersonation vulnerability. A user with the reporting_user role could execute a report with the permissions of another reporting user, possibly gaining access to...

CVSS 4 | AI score 5.3 | EPSS 0.00145
Exploits: 0 | References: 1 | Affected Software: 2