PT-2025-40996 · Crowdstrike · Crowdstrike Connector

Published 2025-10-07 · Updated 2025-10-09 · CVE-2025-37728

CVSS v3.1: 5.4 (Medium)

Vector: AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N
Name of the Vulnerable Software and Affected Versions

Kibana versions 7.x through 7.17.29
Kibana versions 8.18.0 through 8.18.7
Kibana versions 8.19.0 through 8.19.4
Kibana versions 9.0.0 through 9.0.7
Kibana versions 9.1.0 through 9.1.4
Description

A security issue exists in the Kibana CrowdStrike Connector that may expose sensitive credentials to unauthorized users. A malicious user can access cached CrowdStrike credentials from different spaces within a Kibana instance. This allows unauthorized cross-workspace access, potentially enabling an attacker to interact with the CrowdStrike platform without authorization. The vulnerability affects communication between Kibana and the CrowdStrike Management Console via API credentials. There are no workarounds available, and immediate updates are necessary to prevent potential credential theft and misuse.
Recommendations

Kibana versions 7.x through 7.17.29: Upgrade to a patched version.
Kibana versions 8.18.0 through 8.18.7: Upgrade to version 8.18.8.
Kibana versions 8.19.0 through 8.19.4: Upgrade to version 8.19.5.
Kibana versions 9.0.0 through 9.0.7: Upgrade to version 9.0.8.
Kibana versions 9.1.0 through 9.1.4: Upgrade to version 9.1.5.

Weakness Enumeration

Insufficiently Protected Credentials

Related Identifiers

BIT-ELK-2025-37728
BIT-KIBANA-2025-37728
CVE-2025-37728

Affected Products

Crowdstrike Connector
Kibana