9.1

CVE-2024-37285

Kibana arbitrary code execution via YAML deserialization

A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific  Elasticsearch indices privileges https://www.elastic.co/guide/en/elasticsearch/reference/current/defining-roles.html#roles-indices-priv  and  Kibana privileges https://www.elastic.co/guide/en/fleet/current/fleet-roles-and-privileges.html  assigned to them.



The following Elasticsearch indices permissions are required

  *  write privilege on the system indices .kibana_ingest*
  *  The allow_restricted_indices flag is set to true


Any of the following Kibana privileges are additionally required

  *  Under Fleet the All privilege is granted
  *  Under Integration the Read or All privilege is granted
  *  Access to the fleet-setup privilege is gained through the Fleet Server’s service account token
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ElasticKibana Version >= 8.10.0 <= 8.15.0
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.06% 0.777
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.2 1.2 5.9
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
bressers@elastic.co 9.1 2.3 6
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H
CWE-502 Deserialization of Untrusted Data

The product deserializes untrusted data without sufficiently ensuring that the resulting data will be valid.