A Critical Vulnerability in Kibana (CVE-2025-25015)

Published On: Apr 11, 2025 08:52

Advisory No: TZCERT-SA-25-0083

Source: Elasticsearch

Software Affected: Kibana before versions 8.16.6 and 8.17.3

Overview

A critical vulnerability is affecting GraphQL. Exploitation of this vulnerability may allow an attacker to execute code remotely.

Description

Kibana versions before 8.16.6 and 8.17.3 are affected by a vulnerability tracked as CVE-2025-25015 with a CVSS score of 9.9. The vulnerability is exploitable by users with the Viewer role and by users whose roles contain all of the following privileges: fleet-all, integrations-all and actions:execute-advanced-connectors. Upon successful exploitation, the attacker may achieve arbitrary code execution via a crafted file upload and specifically crafted HTTP requests.
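A triage helper for the two conditions the advisory states (an affected Kibana version, and a role that can reach the flaw), added here as an example and not code from TZ-CERT or Elastic. It reads the version ranges literally as written above, assumes the built-in Viewer role is named `viewer` and that privileges are spelled as the advisory lists them; the sample roles are constructed data.

```python
"""Defender-side triage for CVE-2025-25015 as described in the advisory.

Assumptions (not from the advisory): any version below 8.16.6 is affected,
any 8.17.x release below 8.17.3 is affected, the Viewer role is called
"viewer", and privilege strings match the advisory's spelling.
"""

# Privileges that, held together, expose a role according to the advisory.
REQUIRED_PRIVS = {"fleet-all", "integrations-all",
                  "actions:execute-advanced-connectors"}


def parse_version(text: str) -> tuple:
    """Turn '8.17.2' (optionally with a '-rc1' style suffix) into (8, 17, 2)."""
    parts = text.strip().split("-")[0].split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Kibana version: {text!r}")
    return tuple(int(p) for p in parts)


def is_affected(version: str) -> bool:
    """True when the version falls before the fixed release for its branch."""
    v = parse_version(version)
    if v[:2] == (8, 17):           # 8.17 branch: fixed in 8.17.3
        return v < (8, 17, 3)
    return v < (8, 16, 6)          # everything else: fixed in 8.16.6


def exposed_roles(roles: dict) -> list:
    """Names of roles that match the advisory's exploitability conditions."""
    out = []
    for name, privs in roles.items():
        if name == "viewer" or REQUIRED_PRIVS.issubset(set(privs)):
            out.append(name)
    return sorted(out)


# Constructed sample: role name -> Kibana privileges granted to the role.
SAMPLE_ROLES = {
    "viewer": [],
    "fleet_operator": ["fleet-all", "integrations-all",
                       "actions:execute-advanced-connectors"],
    "fleet_readonly": ["fleet-read", "integrations-read"],
    "dashboard_editor": ["dashboard-all"],
}

if __name__ == "__main__":
    for ver in ("8.16.5", "8.16.6", "8.17.2", "8.17.3", "9.0.0"):
        print(ver, "affected" if is_affected(ver) else "fixed")
    print("roles to review:", exposed_roles(SAMPLE_ROLES))
```

Roles flagged by `exposed_roles` are the ones whose membership is worth reviewing until the instance is upgraded.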

Impact

Successful exploitation of this vulnerability may allow an attacker to take control of the affected system.

Solution

Elasticsearch has released security patches for this vulnerability. Users and administrators are encouraged to apply necessary updates.
