Tuesday, May 6, 2025
HomeCVE/vulnerabilityKibana Releases Security Patch to Fix Code Injection Vulnerability

Kibana Releases Security Patch to Fix Code Injection Vulnerability

Published on

SIEM as a Service

Follow Us on Google News

Elastic, the company behind Kibana, has released critical security updates to address a high-severity vulnerability identified as CVE-2024-12556.

The flaw, referred to as “Kibana Prototype Pollution,” could allow attackers to execute arbitrary code by exploiting a combination of unrestricted file uploads and path traversal.

The vulnerability, which carries a CVSS score of 8.7 (High), impacts multiple versions of Kibana, a widely used data visualization platform.

- Advertisement - Google News

Elastic has urged users to update to the latest patched versions to mitigate potential risks.

CVE-2024-12556: Key Details

CVE-2024-12556 is linked to prototype pollution in Kibana’s integration assistant feature. Exploitation requires attackers to have authenticated, low-privilege access to the platform and user interaction.

Successful attacks can lead to code injection, resulting in severe implications such as the compromise of sensitive data or operational disruptions.

Affected Products

The vulnerability affects the following Kibana versions:

ProductAffected VersionsPatched Versions
Kibana8.16.1 to 8.17.18.16.4, 8.17.2, or later

Elastic strongly recommends users on affected versions to upgrade to 8.16.4, 8.17.2, or higher to address the security flaw.

For organizations unable to upgrade immediately, Elastic has outlined a temporary mitigation strategy. Users can disable the vulnerable integration assistant feature by editing the kibana.yml configuration file:

xpack.integration_assistant.enabled: false 

This measure will prevent exploitation but is not a substitute for applying the patched versions.

Severity and Impact

  • Severity Score: 8.7 (High)
  • CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N

This vulnerability poses a significant risk to organizations using affected Kibana versions, as it could allow attackers to inject malicious code into their systems.

Recommendations

  1. Update Immediately: Elastic advises users of Kibana versions 8.16.1 through 8.17.1 to upgrade to version 8.16.4 or 8.17.2 as soon as possible.
  2. Apply Mitigation Temporarily: For customers unable to upgrade, disable the integration assistant feature using the provided configuration.
  3. Monitor and Audit Systems: Organizations should monitor access logs, apply least privilege permissions to Kibana users, and conduct regular security audits to mitigate risks.

Elastic’s swift response emphasizes its commitment to security, but the incident highlights the importance of proactive patch management within organizations.

The advisory provides additional details for administrators and security teams to implement the recommended fixes.

Find this News Interesting! Follow us on Google NewsLinkedIn, & X to Get Instant Updates!

Divya
Divya
Divya is a Senior Journalist at GBhackers covering Cyber Attacks, Threats, Breaches, Vulnerabilities and other happenings in the cyber world.

Latest articles

Signal App Used by Trump Associate Targeted in Security Breach

A major security scare has erupted in Washington after reports emerged that a Trump...

CISA Issues Alert on Langflow Vulnerability Actively Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding an actively...

Windows Deployment Services Hit by 0-Click UDP Flaw Leading to System Failures

A newly discovered pre-authentication denial-of-service (DoS) vulnerability in Microsoft’s Windows Deployment Services (WDS) exposes enterprise networks...

Critical Microsoft 0-Click Telnet Vulnerability Enables Credential Theft Without User Action

A critical vulnerability has been uncovered in Microsoft’s Telnet Client (telnet.exe), enabling attackers to...

Resilience at Scale

Why Application Security is Non-Negotiable

The resilience of your digital infrastructure directly impacts your ability to scale. And yet, application security remains a critical weak link for most organizations.

Application Security is no longer just a defensive play—it’s the cornerstone of cyber resilience and sustainable growth. In this webinar, Karthik Krishnamoorthy (CTO of Indusface) and Phani Deepak Akella (VP of Marketing – Indusface), will share how AI-powered application security can help organizations build resilience by

Discussion points


Protecting at internet scale using AI and behavioral-based DDoS & bot mitigation.
Autonomously discovering external assets and remediating vulnerabilities within 72 hours, enabling secure, confident scaling.
Ensuring 100% application availability through platforms architected for failure resilience.
Eliminating silos with real-time correlation between attack surface and active threats for rapid, accurate mitigation

More like this

Signal App Used by Trump Associate Targeted in Security Breach

A major security scare has erupted in Washington after reports emerged that a Trump...

CISA Issues Alert on Langflow Vulnerability Actively Exploited in Attacks

The Cybersecurity and Infrastructure Security Agency (CISA) issued an urgent alert regarding an actively...

Windows Deployment Services Hit by 0-Click UDP Flaw Leading to System Failures

A newly discovered pre-authentication denial-of-service (DoS) vulnerability in Microsoft’s Windows Deployment Services (WDS) exposes enterprise networks...