ELK Security

Hi Team,

We just upgraded the stack version on 8.14.0 and the vulnerability scan has picked up CVE-2024-27980, CVE-2024-22020, CVE-2024-36137, CVE-2024-22018 and CVE-2024-37372. Can you please let me know how it impacts the Kibana instance and is there is a fix for this?

From Elastic Security to Kibana

Hi,
Can I get some update on this?

You need to send an email to security@elastic.co with those CVE so the security team can check if they impact any tool in the stack or not.

If you do not send the email Elastic will not validate this.

Hi,
I have already sent an email for this, however did not get any response. Hence, I opened this case on the forum.

I don't think they check this forum often, it is not considered official support.

If you have a support contract, opening a ticket may speed up things, but besides that I don't think there is much else to do.

This topic was automatically closed 28 days after the last reply. New replies are no longer allowed.