Unrated severityNVD Advisory· Published Aug 13, 2024· Updated Aug 13, 2024
Kibana arbitrary code execution via prototype pollution
CVE-2024-37287
Description
A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1Patches
Vulnerability mechanics
References
1News mentions
0No linked articles in our index yet.