Volerion logoVolerion
Volerion logoVolerion

Elastic Kibana Uncontrolled Resource Consumption Vulnerability

Vulnerability

A vulnerability has been identified in Elastic Kibana's Observability API, where a specially crafted request can lead to a crash of the Kibana server. This issue affects Kibana versions 7.17.0 prior to 7.17.22 and versions 8.0.0 prior to 8.15.1. The vulnerability requires a malicious user to have read permissions for Observability.

Impact

Exploitation of this vulnerability can cause the Kibana server to crash, leading to a denial of service.

Remediation

Users are advised to upgrade to Kibana version 8.15.1 or higher.

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm
spread
5.7
impact
2.5
exploitability
4.9
remediation
7.7
relevance
0.0
threat
0.0
urgency
2.9
incentive
1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.