Kibana 8.12.1 Security Update (ESA-2024-21)

rodrigo_silva · June 10, 2025, 4:48pm

Kibana Improper Authorization (ESA-2024-21)

Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint.

Affected Versions:

Kibana versions before and including 8.12.0.

Solutions and Mitigations:

The issue is resolved in versions 8.12.1.

For Users that Cannot Upgrade:

Self-hosted:
Users with a self-hosted deployment who cannot upgrade can disable the synthetics app OR put a block on synthetics indices.

Disable the synthetics by adding xpack.uptime.enabled: false to their kibana.yml file
Put an index block on the synthetics-* indices to make them read-only see

Elastic Cloud:
Users on an Elastic Cloud deployment who cannot upgrade can put a block on synthetics indices

Severity: High (7.6) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L/CR:M/IR:M/AR:M
CVE ID: CVE-2024-43706

Topic		Replies	Views
Kibana 8.15.1 Security Update (ESA-2024-27, ESA-2024-28) Security Announcements	0	12194	September 5, 2024
Kibana 8.11.1 Security Update (ESA-2023-25) Security Announcements	2	17709	November 17, 2023
Elastic Stack 7.17.1 Security Update Security Announcements	1	20415	November 4, 2022
Kibana 8.14.0/7.17.22 Security Update (ESA-2024-11) Security Announcements	0	4881	June 14, 2024
Kibana 7.17.23 and 8.15.1 Security Update (ESA-2024-36) Security Announcements	0	811	April 8, 2025