Search criteria
7 vulnerabilities found for Elastic Defend by Elastic
CERTFR-2026-AVI-0826
Vulnerability from certfr_avis - Published: 2026-07-02 - Updated: 2026-07-02
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer un déni de service à distance, une atteinte à la confidentialité des données et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions 8.17.x antérieures à 8.17.2 | ||
| Elastic | Kibana | Kibana versions 8.19.x antérieures à 8.19.17 | ||
| Elastic | Fleet Server | Fleet Server versions 8.x antérieures à 8.19.15 | ||
| Elastic | Elastic Defend | Elastic Defend versions 9.3.x antérieures à 9.3.2 | ||
| Elastic | Kibana | Kibana versions 8.18.x antérieures à 8.18.9 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.4.x antérieures à 9.4.3 | ||
| Elastic | Kibana | Kibana versions 8.x antérieures à 8.16.3 | ||
| Elastic | Elastic Defend | Elastic Defend versions 9.x antérieures à 9.2.7 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.x antérieures à 8.19.17 | ||
| Elastic | Elasticsearch | Elasticsearch versions 9.x antérieures à 9.3.5 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.x antérieures à 7.17.24 | ||
| Elastic | Elastic Defend | Elastic Defend versions postérieures à 8.6.x antérieures à 8.19.13 | ||
| Elastic | Kibana | Kibana versions 7.x antérieures à 7.17.15 | ||
| Elastic | Kibana | Kibana versions 9.x antérieures à 9.0.8, 9.1.6, 9.3.6 ou 9.4.3 | ||
| Elastic | Fleet Server | Fleet Server versions 9.x antérieures à 9.3.4 |
| Title | Publication Time | Tags | |||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.17.x ant\u00e9rieures \u00e0 8.17.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.19.x ant\u00e9rieures \u00e0 8.19.17",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Fleet Server versions 8.x ant\u00e9rieures \u00e0 8.19.15",
"product": {
"name": "Fleet Server",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions 9.3.x ant\u00e9rieures \u00e0 9.3.2",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.18.x ant\u00e9rieures \u00e0 8.18.9",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.4.x ant\u00e9rieures \u00e0 9.4.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.x ant\u00e9rieures \u00e0 8.16.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions 9.x ant\u00e9rieures \u00e0 9.2.7",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.x ant\u00e9rieures \u00e0 8.19.17",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 9.x ant\u00e9rieures \u00e0 9.3.5",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.x ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions post\u00e9rieures \u00e0 8.6.x ant\u00e9rieures \u00e0 8.19.13",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.x ant\u00e9rieures \u00e0 7.17.15",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 9.x ant\u00e9rieures \u00e0 9.0.8, 9.1.6, 9.3.6 ou 9.4.3",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Fleet Server versions 9.x ant\u00e9rieures \u00e0 9.3.4",
"product": {
"name": "Fleet Server",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2026-49091",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49091"
},
{
"name": "CVE-2026-56150",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56150"
},
{
"name": "CVE-2026-56151",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56151"
},
{
"name": "CVE-2026-49090",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49090"
},
{
"name": "CVE-2026-32283",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-32283"
},
{
"name": "CVE-2026-56149",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56149"
},
{
"name": "CVE-2026-56152",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56152"
},
{
"name": "CVE-2026-56148",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-56148"
},
{
"name": "CVE-2026-49089",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49089"
},
{
"name": "CVE-2026-49088",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49088"
},
{
"name": "CVE-2026-49087",
"url": "https://www.cve.org/CVERecord?id=CVE-2026-49087"
}
],
"initial_release_date": "2026-07-02T00:00:00",
"last_revision_date": "2026-07-02T00:00:00",
"links": [],
"reference": "CERTFR-2026-AVI-0826",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2026-07-02T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance, une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387445",
"url": "https://discuss.elastic.co/t/kibana-8-18-9-8-19-6-9-0-8-9-1-6-security-update-esa-2026-50/387445"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387446",
"url": "https://discuss.elastic.co/t/kibana-8-16-3-8-17-2-security-update-esa-2026-51/387446"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387443",
"url": "https://discuss.elastic.co/t/elastic-defend-8-19-13-9-2-7-9-3-2-security-update-esa-2026-46/387443"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387438",
"url": "https://discuss.elastic.co/t/fleet-server-8-19-15-9-3-4-9-4-0-security-update-esa-2026-41/387438"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387440",
"url": "https://discuss.elastic.co/t/elasticsearch-8-19-17-9-3-6-9-4-3-security-update-esa-2026-43/387440"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387444",
"url": "https://discuss.elastic.co/t/kibana-8-19-15-9-3-4-security-update-esa-2026-49/387444"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387449",
"url": "https://discuss.elastic.co/t/kibana-7-17-15-8-11-1-security-update-esa-2026-53/387449"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387439",
"url": "https://discuss.elastic.co/t/elasticsearch-8-19-17-9-3-6-9-4-3-security-update-esa-2026-42/387439"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387442",
"url": "https://discuss.elastic.co/t/kibana-8-19-17-9-3-6-9-4-3-security-update-esa-2026-45/387442"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387447",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-8-15-0-security-update-esa-2026-52/387447"
},
{
"published_at": "2026-07-01",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic 387441",
"url": "https://discuss.elastic.co/t/fleet-server-8-19-11-9-2-5-9-3-0-security-update-esa-2026-44/387441"
}
]
}
CERTFR-2025-AVI-0975
Vulnerability from certfr_avis - Published: 2025-11-07 - Updated: 2025-11-07
Une vulnérabilité a été découverte dans Elastic Defend. Elle permet à un attaquant de provoquer une élévation de privilèges et une atteinte à l'intégrité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elastic Defend | Elastic Defend versions 9.x antérieures à 9.1.6 | ||
| Elastic | Elastic Defend | Elastic Defend versions antérieures à 8.19.6 |
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Defend versions 9.x ant\u00e9rieures \u00e0 9.1.6",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions ant\u00e9rieures \u00e0 8.19.6",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2025-37735",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-37735"
}
],
"initial_release_date": "2025-11-07T00:00:00",
"last_revision_date": "2025-11-07T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0975",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-11-07T00:00:00.000000"
}
],
"risks": [
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans Elastic Defend. Elle permet \u00e0 un attaquant de provoquer une \u00e9l\u00e9vation de privil\u00e8ges et une atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es.",
"title": "Vuln\u00e9rabilit\u00e9 dans Elastic Defend",
"vendor_advisories": [
{
"published_at": "2025-11-06",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-23",
"url": "https://discuss.elastic.co/t/elastic-defend-8-19-6-9-1-6-and-9-2-0-security-update-esa-2025-23/383272"
}
]
}
CERTFR-2025-AVI-0298
Vulnerability from certfr_avis - Published: 2025-04-09 - Updated: 2025-04-09
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et une atteinte à la confidentialité des données.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Kibana | Kibana versions 8.17.x antérieures à 8.17.2 | ||
| Elastic | Logstash | Logstash versions antérieures à 8.15.3 | ||
| Elastic | Elastic Defend | Elastic Defend versions antérieures à 8.17.3 | ||
| Elastic | Kibana | Kibana versions 8.16.x antérieures à 8.16.4 | ||
| Elastic | Kibana | Kibana versions 7.17.x antérieures à 7.17.23 | ||
| Elastic | Kibana | Kibana versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.15.x antérieures à 8.15.1 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.17.x antérieures à 7.17.24 |
| Title | Publication Time | Tags | |||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Kibana versions 8.17.x ant\u00e9rieures \u00e0 8.17.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Logstash versions ant\u00e9rieures \u00e0 8.15.3",
"product": {
"name": "Logstash",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elastic Defend versions ant\u00e9rieures \u00e0 8.17.3",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.16.x ant\u00e9rieures \u00e0 8.16.4",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.15.x ant\u00e9rieures \u00e0 8.15.1",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.17.x ant\u00e9rieures \u00e0 7.17.24",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-12556",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-12556"
},
{
"name": "CVE-2024-43380",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43380"
},
{
"name": "CVE-2024-52980",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52980"
},
{
"name": "CVE-2025-25013",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-25013"
},
{
"name": "CVE-2024-52974",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52974"
},
{
"name": "CVE-2024-52981",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52981"
},
{
"name": "CVE-2024-49761",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-49761"
}
],
"initial_release_date": "2025-04-09T00:00:00",
"last_revision_date": "2025-04-09T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0298",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-04-09T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Certaines d\u0027entre elles permettent \u00e0 un attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-37",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-24-and-8-15-1-security-update-esa-2024-37/376924"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-02",
"url": "https://discuss.elastic.co/t/kibana-8-16-4-and-8-17-2-security-update-esa-2025-02/376918"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-35",
"url": "https://discuss.elastic.co/t/logstash-8-15-1-security-update-esa-2024-35/376920"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-34",
"url": "https://discuss.elastic.co/t/elasticsearch-8-15-1-security-update-esa-2024-34/376919"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2025-05",
"url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-48",
"url": "https://discuss.elastic.co/t/logstash-8-15-3-8-16-0-security-update-esa-2024-48/376922"
},
{
"published_at": "2025-04-08",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-36",
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-15-1-security-update-esa-2024-36/376923"
}
]
}
CERTFR-2025-AVI-0050
Vulnerability from certfr_avis - Published: 2025-01-21 - Updated: 2025-01-21
De multiples vulnérabilités ont été découvertes dans les produits Elastic. Elles permettent à un attaquant de provoquer un déni de service à distance.
Solutions
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Elastic | Elastic Defend | Elastic Defend versions 8.13.x antérieures à 8.13.3 | ||
| Elastic | Elasticsearch | Elasticsearch versions 7.17.x antérieures à 7.17.21 | ||
| Elastic | Kibana | Kibana versions 7.17.x antérieures à 7.17.23 | ||
| Elastic | Kibana | Kibana versions 8.14.x antérieures à 8.14.2 | ||
| Elastic | Elasticsearch | Elasticsearch versions 8.13.x antérieures à 8.13.3 |
| Title | Publication Time | Tags | |||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Elastic Defend versions 8.13.x ant\u00e9rieures \u00e0 8.13.3",
"product": {
"name": "Elastic Defend",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 7.17.x ant\u00e9rieures \u00e0 7.17.21",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 7.17.x ant\u00e9rieures \u00e0 7.17.23",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Kibana versions 8.14.x ant\u00e9rieures \u00e0 8.14.2",
"product": {
"name": "Kibana",
"vendor": {
"name": "Elastic",
"scada": false
}
}
},
{
"description": "Elasticsearch versions 8.13.x ant\u00e9rieures \u00e0 8.13.3",
"product": {
"name": "Elasticsearch",
"vendor": {
"name": "Elastic",
"scada": false
}
}
}
],
"affected_systems_content": "",
"content": "## Solutions\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des correctifs (cf. section Documentation).",
"cves": [
{
"name": "CVE-2024-43709",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-43709"
},
{
"name": "CVE-2024-37284",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-37284"
},
{
"name": "CVE-2024-52973",
"url": "https://www.cve.org/CVERecord?id=CVE-2024-52973"
}
],
"initial_release_date": "2025-01-21T00:00:00",
"last_revision_date": "2025-01-21T00:00:00",
"links": [],
"reference": "CERTFR-2025-AVI-0050",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2025-01-21T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 d\u00e9couvertes dans les produits Elastic. Elles permettent \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Elastic",
"vendor_advisories": [
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-26",
"url": "https://discuss.elastic.co/t/kibana-7-17-23-and-8-14-2-security-update-esa-2024-26/373443"
},
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-24",
"url": "https://discuss.elastic.co/t/elastic-defend-8-13-3-security-update-esa-2024-24/373441"
},
{
"published_at": "2025-01-21",
"title": "Bulletin de s\u00e9curit\u00e9 Elastic ESA-2024-25",
"url": "https://discuss.elastic.co/t/elasticsearch-7-17-21-and-8-13-3-security-update-esa-2024-25/373442"
}
]
}
CVE-2026-56152 (GCVE-0-2026-56152)
Vulnerability from cvelistv5 – Published: 2026-07-01 16:32 – Updated: 2026-07-01 17:25- CWE-863 - Incorrect Authorization
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Elastic | Elastic Defend |
Affected:
9.3.0 , ≤ 9.3.1
(semver)
Affected: 8.6.0 , ≤ 8.19.12 (semver) Affected: 9.0.0 , ≤ 9.2.6 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2026-56152",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2026-07-01T17:19:23.798243Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T17:25:07.934Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "Elastic Defend",
"vendor": "Elastic",
"versions": [
{
"lessThanOrEqual": "9.3.1",
"status": "affected",
"version": "9.3.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "8.19.12",
"status": "affected",
"version": "8.6.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "9.2.6",
"status": "affected",
"version": "9.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eIncorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view.\u003c/p\u003e"
}
],
"value": "Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view."
}
],
"impacts": [
{
"capecId": "CAPEC-1",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-1 Accessing Functionality Not Properly Constrained by ACLs"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-863",
"description": "CWE-863 Incorrect Authorization",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2026-07-01T16:32:21.830Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-defend-8-19-13-9-2-7-9-3-2-security-update-esa-2026-46"
}
],
"source": {
"discovery": "Elastic"
},
"title": "Incorrect Authorization in Elastic Defend Leading to Information Disclosure",
"x_generator": {
"engine": "Elastic CVE Publisher 0.0.1"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2026-56152",
"datePublished": "2026-07-01T16:32:21.830Z",
"dateReserved": "2026-06-19T11:01:02.535Z",
"dateUpdated": "2026-07-01T17:25:07.934Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-25013 (GCVE-0-2025-25013)
Vulnerability from cvelistv5 – Published: 2025-04-08 22:16 – Updated: 2025-04-09 19:28- CWE-532 - Insertion of Sensitive Information into Log File
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Elastic | Elastic Defend |
Affected:
8.0.0 , < 8.17.3
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-25013",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-09T19:28:00.197694Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-09T19:28:32.185Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"MacOS"
],
"product": "Elastic Defend",
"vendor": "Elastic",
"versions": [
{
"lessThan": "8.17.3",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack."
}
],
"value": "Improper restriction of environment variables in Elastic Defend can lead to exposure of sensitive information such as API keys and tokens via automatic transmission of unfiltered environment variables to the stack."
}
],
"impacts": [
{
"capecId": "CAPEC-117",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-117 Interception"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-532",
"description": "CWE-532 Insertion of Sensitive Information into Log File",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T22:16:00.886Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-defend-8-17-3-security-update-esa-2025-05/376921"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elastic Defend Insertion of Sensitive Information into Log Files",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2025-25013",
"datePublished": "2025-04-08T22:16:00.886Z",
"dateReserved": "2025-01-31T15:28:16.917Z",
"dateUpdated": "2025-04-09T19:28:32.185Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2024-37284 (GCVE-0-2024-37284)
Vulnerability from cvelistv5 – Published: 2025-01-21 10:56 – Updated: 2025-01-21 16:32- CWE-755 - Improper Handling of Exceptional Conditions
| Vendor | Product | Version | ||
|---|---|---|---|---|
| Elastic | Elastic Defend |
Affected:
8.0.0 , < 8.13.3
(semver)
|
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2024-37284",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-01-21T16:31:54.500610Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T16:32:03.006Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"platforms": [
"Windows"
],
"product": "Elastic Defend",
"vendor": "Elastic",
"versions": [
{
"lessThan": "8.13.3",
"status": "affected",
"version": "8.0.0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cspan style=\"background-color: transparent;\"\u003eImproper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing the process.\u003c/span\u003e\u003cbr\u003e"
}
],
"value": "Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing the process."
}
],
"impacts": [
{
"capecId": "CAPEC-130",
"descriptions": [
{
"lang": "en",
"value": "CAPEC-130 Excessive Allocation"
}
]
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 5.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "REQUIRED",
"vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:R/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-755",
"description": "CWE-755 Improper Handling of Exceptional Conditions",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-01-21T10:56:14.762Z",
"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"shortName": "elastic"
},
"references": [
{
"url": "https://discuss.elastic.co/t/elastic-defend-8-13-3-security-update-esa-2024-24/373441"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "Elastic Defend Improper Handling of Alternate Encoding Leads to Crash",
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a",
"assignerShortName": "elastic",
"cveId": "CVE-2024-37284",
"datePublished": "2025-01-21T10:56:14.762Z",
"dateReserved": "2024-06-05T14:21:14.942Z",
"dateUpdated": "2025-01-21T16:32:03.006Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}