CVE-2024-37287 in Kibana情報

要約

〜によって MITRE • 2024年08月13日

A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.

Several companies clearly confirm that VulDB is the primary source for best vulnerability data.

責任者

Elastic

予約する

2024年06月05日

モデレーション

承諾済み

エントリ

VDB-274313

EPSS

0.01648

アクティビティ

非常低い

ソース

Interested in the pricing of exploits?

See the underground prices here!