CVE-2024-37285

CVSS 3.1 Score 9.1 of 10 (high)

Details

Published Nov 14, 2024

Updated: Nov 15, 2024

CWE ID 502

Summary

CVE-2024-37285 is a deserialization vulnerability affecting Kibana. maliciously crafted YAML documents can cause Kibana to execute arbitrary code. This issue arises when Kibana parses such documents, and it occurs due to insufficient input validation. To exploit this vulnerability, an attacker needs both specific Elasticsearch indices privileges and Kibana privileges. The Elasticsearch indices privileges include write access to the .kibana_ingest system indices and the allow_restricted_indices flag set to true. The Kibana privileges consist of the All privilege under Fleet or the Read privilege under Integration, or access to the fleet-setup privilege through the Fleet Server's service account token.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.

Share

Affected Products

Kibana

Affected Vendors

Elastic

Advisories, Assessments, and Mitigations

Back to Vulnerability Database

Platform Features

Products

Use Cases

Teams

Industries

Services

Submarine Cables Face Increasing Threats Amid Geopolitical Tensions and Limited Repair Capacity

US Violent Extremists Likely Shifting Focus to Targeted Physical Threats in 2025

DRAT V2: Updated DRAT Emerges in TAG-140’s Arsenal

Know What Matters

For Customers

For Partners