CNNVD-202508-3361 Information

CNNVD ID

CNNVD-202508-3361

Related CVE

CVE-2025-25010

• CNNVD Published: 2025-08-28

Description (Chinese)

Elastic Kibana是Elastic公司的一个可用数据可视化仪表板软件。 Elastic Kibana存在安全漏洞，该漏洞源于内置reporting_user角色授权不当，可能导致权限提升。

Description (English)

Elastic Kibana is a usable data visualization dashboard software for Elastic. Elastic Kibana has a security loophole, which stems from an in-house reporting user role misauthorization, which may lead to increased authority.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Elastic

Published

2025-08-28

Last Modified

2026-02-24

References

https://discuss.elastic.co/t/kibana-9-0-6-9-1-3-security-update-esa-2025-13/381426 https://nvd.nist.gov/vuln/detail/CVE-2025-25010