Elastic Kibana Incorrect Authorization Vulnerability Leading to Cross-Space Information Disclosure

Vulnerability

A vulnerability in Elastic Kibana exists due to incorrect authorization, allowing cross-space information disclosure through privilege abuse. Users with Fleet agent management rights in one Kibana space can access Fleet Server policy details from other spaces via an internal enrollment endpoint. This endpoint bypasses space-scoped access controls by utilizing an unscoped internal client, and it exposes operational identifiers, policy names, management states, and infrastructure linkage details from unauthorized spaces.

Impact

Exploitation of this vulnerability could result in unauthorized access to sensitive information across different spaces in Kibana, specifically related to Fleet Server policies and their management details.

Remediation

Users can update to Kibana versions 8.19.14, 9.2.8, or 9.3.3 to address this vulnerability.
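As an added helper that is not part of the advisory, the script below classifies reported Kibana versions against the three fixed releases listed above (8.19.14, 9.2.8, 9.3.3). It assumes a deployment counts as patched only when it is at or above the fixed release on one of those minor branches; any other branch is reported as "unknown" because the advisory does not state its status, and the host inventory is constructed sample data.

```python
"""Added example: triage Kibana versions against the advisory's fixed releases."""
import re

# Fixed versions as stated in the advisory.
FIXED_VERSIONS = ("8.19.14", "9.2.8", "9.3.3")


def parse_version(version: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH' (optional '-SNAPSHOT'/'+build' suffix ignored)."""
    m = re.fullmatch(r"(\d+)\.(\d+)\.(\d+)(?:[-+].*)?", version.strip())
    if not m:
        raise ValueError(f"unrecognised Kibana version: {version!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


# Map each (major, minor) branch to the first fixed release on that branch.
FIXED_BY_BRANCH = {v[:2]: v for v in map(parse_version, FIXED_VERSIONS)}


def classify(version: str) -> str:
    """Return 'patched', 'unpatched', or 'unknown' for a single Kibana version.

    Assumption: branches the advisory does not list are 'unknown', not 'patched'.
    """
    parsed = parse_version(version)
    fixed = FIXED_BY_BRANCH.get(parsed[:2])
    if fixed is None:
        return "unknown"
    return "patched" if parsed >= fixed else "unpatched"


def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Classify every host in a {host_label: kibana_version} inventory."""
    return {host: classify(ver) for host, ver in inventory.items()}


# Constructed sample inventory (hypothetical host labels and versions).
SAMPLE_INVENTORY = {
    "kibana-prod-a": "8.19.13",
    "kibana-prod-b": "8.19.14",
    "kibana-stage": "9.2.8-SNAPSHOT",
    "kibana-dev": "9.3.1",
    "kibana-legacy": "9.1.5",
}

if __name__ == "__main__":
    for host, status in triage(SAMPLE_INVENTORY).items():
        print(f"{host:14} {SAMPLE_INVENTORY[host]:15} {status}")
```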

Added: Apr 8, 2026, 5:58 PM
Updated: Apr 8, 2026, 5:58 PM

Vulnerability Rating

Custom Algorithm

spread: 5.7
impact: 0.6
exploitability: 4.9
remediation: 7.7
relevance: 5.5
threat: 0.0
urgency: 2.9
incentive: 0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.