Primary

Context

Elastic Kibana Server-Side Request Forgery Vulnerability in Fleet Health Check API

Vulnerability

Patched

A server-side request forgery (SSRF) vulnerability has been identified in Elastic Kibana. This issue allows users with read access to Fleet to exploit the /api/fleet/health_check API to send requests to internal endpoints. The vulnerability is limited to endpoints that are accessible over HTTPS and return JSON.

Impact

Exploitation of this vulnerability could lead to unauthorized access to internal endpoints, potentially allowing for further attacks or data exposure.

Remediation

Users are advised to update to the latest version of Kibana where this vulnerability has been addressed.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

1.3

exploitability

4.9

remediation

7.7

relevance

0.0

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Elastic Kibana Server-Side Request Forgery Vulnerability in Fleet Health Check API

Vulnerability

Impact

Remediation

Affected Products

Elastic Kibana

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating