CNNVD-202506-3187 Information

CNNVD ID

CNNVD-202506-3187

Related CVE

CVE-2025-25012

• CNNVD Published: 2025-06-25

Description (Chinese)

Elastic Kibana是Elastic公司的一个可用数据可视化仪表板软件。 Elastic Kibana存在输入验证错误漏洞，该漏洞源于容易受到开放重定向和服务器端请求伪造攻击。

Description (English)

Elastic Kibana is a usable data visualization dashboard software for Elastic. Elastic Kibana has an input validation error that stems from its vulnerability to open re-direction and server requests for forgery attacks.

Hazard Level

High

Vulnerability Type

输入验证错误

Affected Vendor

Elby

Published

2025-06-25

Last Modified

2026-02-24

References

https://discuss.elastic.co/t/kibana-7-17-29-8-17-8-8-18-3-9-0-3-security-update-esa-2025-10/379444 https://nvd.nist.gov/vuln/detail/CVE-2025-25012

Patch

https://www.elastic.co/downloads/kibana