A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.
History

Thu, 03 Oct 2024 18:00:00 +0000

Type Values Removed Values Added
First Time appeared Elastic
Elastic kibana
Weaknesses NVD-CWE-Other
CPEs cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*
Vendors & Products Elastic
Elastic kibana

cve-icon MITRE

Status: PUBLISHED

Assigner: elastic

Published: 2024-06-13T17:04:41.737Z

Updated: 2024-08-02T03:50:55.975Z

Reserved: 2024-06-05T14:21:14.941Z

Link: CVE-2024-37279

cve-icon Vulnrichment

Updated: 2024-06-13T19:11:51.715Z

cve-icon NVD

Status : Analyzed

Published: 2024-06-13T17:15:50.770

Modified: 2024-10-03T17:33:47.477

Link: CVE-2024-37279

cve-icon Redhat

Severity : Moderate

Publid Date: 2024-06-05T00:00:00Z

Links: CVE-2024-37279 - Bugzilla