CVE-2026-49095
Description
Improper Input Validation (CWE-20) in the Kibana Fleet agent policy management feature can lead to privilege escalation. An authenticated user with Fleet management privileges can manipulate agent policy configuration by injecting values into a configuration override mechanism that is not adequately validated. An attacker can cause Elastic Agents to be issued API keys with elevated Elasticsearch privileges, potentially granting unauthorized read and write access to sensitive Elasticsearch security indices beyond what is intended for the Fleet management role.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Improper input validation in Kibana Fleet agent policy management allows privilege escalation via API key injection.
Vulnerability
An improper input validation vulnerability (CWE-20) exists in the Kibana Fleet agent policy management feature. An authenticated user with the fleet-all application privilege can inject arbitrary values into a configuration override mechanism that is not adequately validated. This affects Kibana versions 8.0.0 through 8.19.15, 9.0.0 through 9.3.4, and 9.4.0 through 9.4.1 [1].
Exploitation
An attacker must be authenticated and have the Fleet management application privilege (fleet-all). By manipulating the agent policy configuration via the override mechanism, the attacker can cause Elastic Agents to be issued API keys with elevated Elasticsearch privileges [1]. No additional user interaction or network position beyond normal Kibana access is required.
Impact
Successful exploitation allows the attacker to obtain API keys that grant unauthorized read and write access to sensitive Elasticsearch security indices. This constitutes a privilege escalation beyond the intended scope of the Fleet management role, potentially leading to full compromise of Elasticsearch security settings [1].
Mitigation
The issue is resolved in Kibana versions 8.19.16, 9.3.5, and 9.4.2 [1]. For users who cannot upgrade immediately, restricting the fleet-all Kibana application privilege is a recommended workaround. Elastic Cloud Serverless deployments were remediated before public disclosure [1].
AI Insight generated on May 28, 2026. Synthesized from this CVE's description and the cited reference URLs; citations are validated against the source bundle.
Affected products
2Patches
0No patches discovered yet.
Vulnerability mechanics
No source-code context for this CVE — mechanics is only generated when we can read the actual fix diff. Without that, the four sections (root cause, attack vector, affected code, fix) would be speculation rather than analysis.
References
1News mentions
0No linked articles in our index yet.