VYPR
Unrated severityNVD Advisory· Published May 4, 2023· Updated Jan 29, 2025

CVE-2023-31415

CVE-2023-31415

Description

Kibana version 8.7.0 contains an arbitrary code execution flaw. An attacker with All privileges to the Uptime/Synthetics feature could send a request that will attempt to execute JavaScript code. This could lead to the attacker executing arbitrary commands on the host system with permissions of the Kibana process.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Elastic/Kibanallm-fuzzy2 versions
    = 8.7.0+ 1 more
    • (no CPE)range: = 8.7.0
    • (no CPE)range: version 8.7.0

Patches

Vulnerability mechanics

References

2

News mentions

0

No linked articles in our index yet.