Lucene search
K

5 matches found

RedhatCVE
RedhatCVE
added 2026/03/20 1:37 p.m.4 views

CVE-2026-26939

A flaw was found in Kibana. An authenticated attacker with rule management privileges could exploit a missing authorization vulnerability in the server-side Detection Rule Management. This allows the attacker to configure unauthorized endpoint response actions, such as host isolation, process...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References4
EUVD
EUVD
added 2026/03/19 6:31 p.m.5 views

EUVD-2026-13143

Missing Authorization CWE-862 in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration host isolation, process termination, and process suspension via CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs. This requires an...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2
ATTACKERKB
ATTACKERKB
added 2026/03/19 5:11 p.m.2 views

CVE-2026-26939

Missing Authorization CWE-862 in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration host isolation, process termination, and process suspension via CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs. This requires an...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References2Affected Software1
CVE
CVE
added 2026/03/19 5:11 p.m.21 views

CVE-2026-26939

CVE-2026-26939 affects Kibana’s server-side Detection Rule Management. Missing Authorization (CWE-862) could allow an authenticated attacker with rule management privileges to configure Unauthorized Endpoint Response Actions (host isolation, process termination, process suspension). Root cause an...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2026/03/19 12:0 a.m.7 views

PT-2026-26324

Missing Authorization CWE-862 in Kibana’s server-side Detection Rule Management can lead to Unauthorized Endpoint Response Action Configuration host isolation, process termination, and process suspension via CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs. This requires an...

6.5CVSS5.8AI score0.00175EPSS
Exploits0References4
Rows per page
Query Builder