- Description
- An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions.
- Source
- bressers@elastic.co
- NVD status
- Received
CVSS 3.1
- Type
- Secondary
- Base score
- 7.7
- Impact score
- 4
- Exploitability score
- 3.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:N/A:N
- Severity
- HIGH
- bressers@elastic.co
- CWE-200
Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.
- Hype score
1
Top 5 Trending CVEs: 1 - CVE-2024-56529 2 - CVE-2025-0950 3 - CVE-2025-24118 4 - CVE-2025-21293 5 - CVE-2024-43707 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
3 Feb 2025
21 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes
Kibana の脆弱性 CVE-2024-43707/43710 が FIX:情報漏えい/SSRF の可能性 https://t.co/nnFPvqyeCq Kibana の脆弱性が FIX しました。さまざまなアプリケーションで利用されている Kibana であり、Kibana に依存しているアプリケーションもあるため、その影響の範囲が懸念されます。 #CVE202443707… https://t.co/4QfFkXBETa
@iototsecnews
3 Feb 2025
169 Impressions
2 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[중요] Elastic Kibana 보안 취약점 (CVE-2024-43707, CVE-2024-43710) 패치 권고
@virusmyths
2 Feb 2025
17 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
"Kibana"da boşluq (CVE-2024-43707) aşkarlanıb #ETX #certaz #cybersecurity #kibertəhlükəsizlik #xəbərdarlıq https://t.co/hjBRI2nrfa
@CERTAzerbaijan
28 Jan 2025
31 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Kibana has released version 8.15.0 to patch a critical vulnerability (CVE-2024-43707) exposing sensitive information and a medium severity flaw (CVE-2024-43710). Protect systems! 🚨🔒 #KibanaUpdate #DataBreach #USA link: https://t.co/xlmZlsKpTv https://t.co/pKUZ3bG5Cc
@TweetThreatNews
25 Jan 2025
48 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Threat Alert: CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive In CVE-2024-43707 CVE-2024-43710 Severity: 🔴 High Maturity: 💢 Emerging Learn more: https://t.co/W09LANo931 #CyberSecurity #ThreatIntel #InfoSec
@fletch_ai
25 Jan 2025
39 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information https://t.co/GBaLkuJSdT
@Dinosn
24 Jan 2025
2843 Impressions
7 Retweets
36 Likes
5 Bookmarks
0 Replies
0 Quotes
🚨Alert🚨 CVE-2024-43707 : Kibana exposure of sensitive information to an unauthorized actor 📊 351K+ Services are found on the https://t.co/ysWb28BTvF yearly. 🔗Hunter Link:https://t.co/Xdrn76rGOr 👇Query HUNTER :https://t.co/q9rtuGfZuz="Elastic Kibana" FOFA : product="Kibana"…
@HunterMapping
24 Jan 2025
2733 Impressions
15 Retweets
43 Likes
18 Bookmarks
8 Replies
0 Quotes
Yep again, CVE-2024-43707: Kibana Exposure of Sensitive Information to An Unauthorized Actor. Where a user without access to Fleet can view #Elastic Agent policies that could contain sensitive information. ZoomEye Dork app="Kibana" 202k+ results are found on ZoomEye. https://t.
@byt3n33dl3
24 Jan 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
🚨🚨CVE-2024-43707: Kibana Exposure of Sensitive Information to An Unauthorized Actor ⚠️Where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. ZoomEye Dork👉app="Kibana" 202k+ results are found on ZoomEye. ZoomEye Link:… h
@zoomeye_team
24 Jan 2025
758 Impressions
6 Retweets
10 Likes
2 Bookmarks
0 Replies
0 Quotes
CVE-2024-43707 An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sen… https://t.co/oshkXG2IHx
@CVEnew
23 Jan 2025
433 Impressions
0 Retweets
0 Likes
1 Bookmark
0 Replies
0 Quotes