Kibana 8.15.0 Security Update (ESA-2024-29, ESA-2024-30)

Kibana server-side request forgery (ESA-2024-29)

A server-side request forgery vulnerability was identified in Kibana where the /api/fleet/health_check API could be used to send requests to internal endpoints. Due to the nature of the underlying request, only endpoints available over https that return JSON could be accessed. This can be carried out by users with read access to Fleet.

Affected Versions:

Kibana versions from 8.7.0 up to 8.15.0

Solutions and Mitigations:

The issue is resolved in version 8.15.0.

Severity: CVSSv3.1: 4.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

CVE ID: CVE-2024-43710

Kibana exposure of sensitive information to an unauthorized actor (ESA-2024-30)

An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions.

Affected Versions:

Kibana versions from 8.0.0 up to 8.15.0

Solutions and Mitigations:

Users should upgrade to version 8.15.0.

Severity: CVSSv3.1: 7.7 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N

CVE ID: CVE-2024-43707
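Both advisories above give a version range and a single fixed release, and the practical follow-up is to check an inventory of Kibana instances against them. The script below is an added example written for this page; it is not Elastic's code and not part of the advisory. It assumes that "from X up to 8.15.0" means X <= version < 8.15.0 (since 8.15.0 is the release that contains the fix), and the instance names and version strings in SAMPLE_INVENTORY are constructed sample data. Versions are compared as integer tuples rather than strings, because a string comparison would rank "8.9.0" above "8.15.0".

```python
# Added example (not Elastic's code): classify a Kibana version against the two
# advisories on this page, ESA-2024-29 / CVE-2024-43710 and ESA-2024-30 /
# CVE-2024-43707, so an inventory script can flag instances that still need
# the 8.15.0 upgrade.
# Assumption: "from X up to 8.15.0" is read as X <= version < 8.15.0, because
# 8.15.0 is the release the advisories name as the fix.
import re
from typing import Dict, List, NamedTuple, Tuple

Version = Tuple[int, int, int]


class Advisory(NamedTuple):
    esa: str
    cve: str
    first_affected: Version
    fixed_in: Version


# Ranges exactly as stated in the two advisories above.
ADVISORIES = (
    Advisory("ESA-2024-29", "CVE-2024-43710", (8, 7, 0), (8, 15, 0)),
    Advisory("ESA-2024-30", "CVE-2024-43707", (8, 0, 0), (8, 15, 0)),
)

_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)$")


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' into a comparable integer tuple.

    Comparing the raw strings would be wrong: '8.9.0' > '8.15.0' lexically,
    but 8.9.0 is the older release and is inside the affected range.
    Pre-release or snapshot suffixes are rejected rather than guessed at.
    """
    m = _VERSION_RE.match(text.strip())
    if not m:
        raise ValueError(f"unrecognised Kibana version: {text!r}")
    major, minor, patch = (int(p) for p in m.groups())
    return (major, minor, patch)


def affected_advisories(version: str) -> List[str]:
    """Return the CVE ids from this page that apply to the given version.

    Versions outside every stated range (for example 7.x) yield an empty
    list: that means "not covered by these two advisories", nothing more.
    """
    v = parse_version(version)
    return [a.cve for a in ADVISORIES if a.first_affected <= v < a.fixed_in]


def triage(instances: Dict[str, str]) -> Dict[str, List[str]]:
    """Map instance name -> applicable CVEs (empty list = not affected)."""
    return {name: affected_advisories(ver) for name, ver in instances.items()}


# Constructed sample inventory; the hostnames and versions are made up.
SAMPLE_INVENTORY = {
    "kibana-prod-1": "8.14.3",
    "kibana-prod-2": "8.15.0",
    "kibana-legacy": "8.6.2",
    "kibana-old": "7.17.22",
}

if __name__ == "__main__":
    for name, cves in triage(SAMPLE_INVENTORY).items():
        status = ", ".join(cves) if cves else "not affected by ESA-2024-29/30"
        print(f"{name:15} {SAMPLE_INVENTORY[name]:9} {status}")
```

Running the script lists kibana-prod-1 as affected by both CVEs, kibana-legacy (8.6.2, below the 8.7.0 start of the SSRF range) by CVE-2024-43707 only, and kibana-prod-2 on 8.15.0 as not affected. Feed triage() the output of whatever inventory source you already have (the /api/status endpoint's version field, a CMDB export) instead of the constructed dictionary.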
