Unrated severityNVD Advisory· Published Apr 8, 2025· Updated Apr 8, 2025

CVE-2024-52974

Description

An issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash.

A successful attack requires a malicious user to have read permissions for Observability assigned to them.

osv-coords2 versions
pkg:bitnami/elk pkg:bitnami/kibana
>= 7.17.0, < 7.17.23+ 1 more
- (no CPE)range: >= 7.17.0, < 7.17.23
- (no CPE)range: >= 7.17.0, < 7.17.23
Elastic/Kibanav5
Range: 7.17.0

No patches discovered yet.

AI mechanics synthesis has not run for this CVE yet.

No linked articles in our index yet.