A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.
Metrics
Affected Vendors & Products
References
History
Thu, 03 Oct 2024 18:00:00 +0000
Type | Values Removed | Values Added |
---|---|---|
First Time appeared |
Elastic
Elastic kibana |
|
Weaknesses | NVD-CWE-Other | |
CPEs | cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:* | |
Vendors & Products |
Elastic
Elastic kibana |
MITRE
Status: PUBLISHED
Assigner: elastic
Published: 2024-06-13T17:04:41.737Z
Updated: 2024-08-02T03:50:55.975Z
Reserved: 2024-06-05T14:21:14.941Z
Link: CVE-2024-37279
Vulnrichment
Updated: 2024-06-13T19:11:51.715Z
NVD
Status : Analyzed
Published: 2024-06-13T17:15:50.770
Modified: 2024-10-03T17:33:47.477
Link: CVE-2024-37279
Redhat