CNNVD-202511-1498 Information

Nov 12, 2025 cve

CNNVD ID

CNNVD-202511-1498

CVE-2025-37734

CNNVD Published: 2025-11-12

Description (Chinese)

Elastic Kibana是Elastic公司的一个可用数据可视化仪表板软件。 Elastic Kibana存在安全漏洞，该漏洞源于Origin验证错误，可能导致服务端请求伪造攻击。

Description (English)

Elastic Kibana is a usable data visualization dashboard software for Elastic. Elastic Kibana had a security loophole, which stemmed from the Origin verification error, which could lead the service to request a false attack.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

Elastic

Published

2025-11-12

Last Modified

2026-02-24

References

https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-24/383381

Patch

https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-24/383381

Share on: