Primary

Context

Elastic Kibana Fleet Plugin Privilege Abuse Vulnerability Allowing Unauthorized Data Access

Vulnerability

Patched

A vulnerability exists in Kibana's Fleet plugin debug route handlers, allowing authenticated users with Fleet sub-feature privileges to access index data beyond their assigned Elasticsearch role-based access control (RBAC) limits. This issue arises from execution with unnecessary privileges, enabling privilege abuse. The vulnerability affects Kibana versions 8.0.0 through 8.19.13, as well as 9.0.0 through 9.2.7 and 9.3.0 through 9.3.2.

Impact

Exploitation of this vulnerability could lead to unauthorized access to index data, bypassing established RBAC restrictions.

Remediation

Users can upgrade to Kibana versions 8.19.14, 9.2.8, or 9.3.3. For those unable to upgrade, it is recommended to restrict Fleet privileges to trusted administrative users.

Added: Apr 8, 2026, 5:27 PM

Updated: Apr 8, 2026, 5:27 PM

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

0.6

exploitability

6.3

remediation

7.9

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

5.7

impact

0.6

exploitability

6.3

remediation

7.9

relevance

5.5

threat

0.0

urgency

2.9

incentive

0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Elastic Kibana Fleet Plugin Privilege Abuse Vulnerability Allowing Unauthorized Data Access

Vulnerability

Impact

Remediation

Affected Products

Elastic Kibana

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating