Kibana Security Update Advisory (CVE-2024-37288)

Sep 11 2024

Overview

An update has been released to address vulnerabilities in Kibana. Users of the affected versions are advised to update to the latest version.

Affected Products

CVE-2024-37288

Kibana version: 8.15.0

Resolved Vulnerabilities

Vulnerability that could allow arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload (CVE-2024-37288)

Vulnerability Patches

The following product-specific Vulnerability Patches have been made available in the latest update. If you are using an affected version, Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-37288

Kibana version: 8.15.1

References

[1] CVE-2024-37288 Detail

https://nvd.nist.gov/vuln/detail/CVE-2024-37288

[2] Kibana 8.15.1 Security Update (ESA-2024-27, ESA-2024-28)

https://discuss.elastic.co/t/kibana-8-15-1-security-update-esa-2024-27-esa-2024-28/366119

Kibana Security Update Advisory (CVE-2024-37288)

Siemens Product Security Update Advisory

MS Family September 2024 Routine Security Update Advisory

Tags:

Siemens Product Security Update Advisory

MS Family September 2024 Routine Security Update Advisory