VYPR
Unrated severityNVD Advisory· Published Mar 3, 2022· Updated Aug 3, 2024

CVE-2022-23709

CVE-2022-23709

Description

A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user with this privilege would be able to create new alerting rules or overwrite existing ones. However, any new or modified rules would not be enabled, and a user with this privilege could not modify alerting connectors. This effectively means that Read users could disable existing alerting rules.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Elastic/Kibanallm-fuzzy2 versions
    (expand)+ 1 more
    • (no CPE)
    • (no CPE)range: Versions 7.7.0 through 7.17.0, and 8.0.0

Patches

Vulnerability mechanics

References

1

News mentions

0

No linked articles in our index yet.