CVE-2024-37285

Name of the Vulnerable Software and Affected Versions Kibana (affected versions not specified)

Description A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific Elasticsearch indices privileges and Kibana privileges. The required Elasticsearch indices permissions include write privilege on the system indices .kibana ingest and the allow restricted indices flag set to true. Additionally, any of the following Kibana privileges are required: the All privilege under Fleet, the Read or All privilege under Integration, or access to the fleet-setup privilege through the Fleet Server’s service account token.

Recommendations At the moment, there is no information about a newer version that contains a fix for this vulnerability.