CVE-2025-43707

Kibana

Elasticsearch

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2024-43707 is a vulnerability found in Kibana, a data visualization dashboard software for Elasticsearch. It is an unauthorized access flaw where users without the necessary "Fleet" access can view Elastic Agent policies. These policies might contain sensitive information, the nature of which depends on the specific integrations enabled for the Elastic Agent and their versions. The vulnerability affects Kibana versions 8.0.0 up to 8.15.0. To mitigate this issue, users are strongly encouraged to upgrade to version 8.15.0, where a patch has been implemented.

Description: -

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score: 31

Disclosure of CVE-2025-43707: out-of-bounds read in the Rust-Miniscript satisfier. https://t.co/QdcQMMhjTW
@darosior
24 Apr 2025
16590 Impressions
12 Retweets
60 Likes
3 Bookmarks
5 Replies
5 Quotes

References

https://www.cve.org/CVERecord?id=CVE-2025-43707

Overview

AI description

Social media

References