The vulnerabilities stem from inadequate origin validation in the Observability AI Assistant component.
The primary vulnerability, tracked as CVE-2025-37734 under Elastic Security Advisory ESA-2025-24, involves an origin validation error in Kibana.
This flaw allows attackers to forge Origin HTTP headers, bypassing security controls designed to prevent unauthorized requests from external sources.
By exploiting this weakness, malicious actors can craft requests that trick Kibana into sending requests to unintended destinations or executing unintended actions.

| Field | Details |
|---|---|
| CVE ID | CVE-2025-37734 |
| Vulnerability Type | Origin Validation Error (SSRF) |
| CVSS Score | 4.3 (Medium) |
| Attack Vector | Network |
| Affected Versions | 8.12.0-8.19.6, 9.1.0-9.1.6, 9.2.0 |
| Patch Versions | 8.19.7, 9.1.7, 9.2.1 |

The SSRF vulnerability enables attackers to access internal network resources or services that should remain isolated from external access.
This can lead to information disclosure, lateral movement within networks, or further exploitation of backend systems.
The vulnerability affects multiple Kibana versions, making it a widespread concern for organizations running affected deployments.
Elastic researchers report that the vulnerability only affects deployments actively using the Observability AI Assistant feature. The vulnerability impacts: Kibana 8.12.0 through 8.19.6, Kibana 9.1.0 through 9.1.6, and Kibana 9.2.0.
Organizations without this component enabled are not affected by this flaw, which has a medium severity rating (CVSS v3.1 score of 4.3).
While this may seem moderate, the impact should not be underestimated given the potential for unauthorized internal network access and data manipulation.
Elastic has released patched versions addressing this vulnerability. Organizations should immediately upgrade to: Kibana 8.19.7, Kibana 9.1.7, and Kibana 9.2.1.
Elastic Cloud Serverless customers are already protected, as continuous deployment and patching models remediated this vulnerability before public disclosure.
Organizations unable to upgrade immediately should consider turning off the Observability AI Assistant feature until patches can be applied.
Additionally, implementing network segmentation and access controls can help limit the potential impact of SSRF exploitation.
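As an added example (not Elastic's or the article's own code), the affected and patched version ranges above turned into a triage check over a constructed inventory, honouring the caveat that only deployments with the Observability AI Assistant enabled are affected; hostnames and versions in the inventory are made up:

```python
# Added triage helper for CVE-2025-37734 (ESA-2025-24); not Elastic's code.
# Version ranges are the advisory's as quoted on this page; inventory is constructed.

# (first, last, fixed) for each affected release line; bounds are inclusive
AFFECTED_LINES = [
    ((8, 12, 0), (8, 19, 6), (8, 19, 7)),
    ((9, 1, 0), (9, 1, 6), (9, 1, 7)),
    ((9, 2, 0), (9, 2, 0), (9, 2, 1)),
]

def parse_version(text):
    """'8.19.6' or '8.19.6-SNAPSHOT' -> (8, 19, 6); anything else is rejected."""
    core = text.strip().split("-", 1)[0].split("+", 1)[0]
    parts = core.split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unrecognised Kibana version: {text!r}")
    return tuple(int(p) for p in parts)

def fix_for(version):
    """Patched release for a version inside an affected range, else None."""
    for first, last, fixed in AFFECTED_LINES:
        if first <= version <= last:
            return fixed
    return None

def triage(version_text, ai_assistant_enabled):
    """Classify one instance. Per the advisory only deployments using the
    Observability AI Assistant are affected, so the feature flag decides."""
    fixed = fix_for(parse_version(version_text))
    if fixed is None:
        return {"status": "not-affected", "action": "none"}
    target = ".".join(map(str, fixed))
    if ai_assistant_enabled:
        return {"status": "vulnerable",
                "action": f"upgrade to {target} or disable the Observability AI Assistant"}
    return {"status": "not-exposed",
            "action": f"feature disabled; upgrade to {target} before enabling it"}

# Constructed inventory: (hostname, reported version, AI Assistant enabled?)
SAMPLE_INVENTORY = [
    ("kibana-prod-1", "8.19.6", True),
    ("kibana-prod-2", "8.19.7", True),
    ("kibana-obs", "9.2.0", False),
    ("kibana-lab", "9.1.3-SNAPSHOT", True),
    ("kibana-old", "8.11.4", True),
]

def triage_inventory(inventory=SAMPLE_INVENTORY):
    """Return {hostname: triage result} for every instance in the inventory."""
    return {host: triage(ver, on) for host, ver, on in inventory}
```

Feed it the version string from each instance's `/api/status` response (or your CMDB) together with whether the assistant is enabled to get a per-host action list.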
The post Multiple Kibana Vulnerabilities Enables SSRF and XSS Attacks appeared first on Cyber Security News.