Elastic Kibana security update advisory (CVE-2024-43707)

Jan 31 2025

Overview

We have released a security update to address a vulnerability in Elastic Kibana. We encourage affected product users to update to the latest version.

Affected Products

CVE-2024-43707

Elastic Kibana version: 8.7.0 or later and at least prior to 8.15.0

Resolved Vulnerabilities

Vulnerability that allows users without Fleet access to view Elastic Agent policies (CVE-2024-43707)

Vulnerability Patches

Vulnerability patches have been made available in the latest updates. Please follow the instructions on the Referenced Sites to update to the latest Vulnerability Patches version.

CVE-2024-43707

Elastic Kibana version: 8.15

References

[1] Elastic Kibana up to 8.14.x information disclosure
https://vuldb.com/?id.293130

Elastic Kibana security update advisory (CVE-2024-43707)

ManageEngine (Applications Manager) Product January 2025 Security Update Advisory

Dell Product Security Update Advisory (CVE-2025-23374)

Tags:

ManageEngine (Applications Manager) Product January 2025 Security Update Advisory

Dell Product Security Update Advisory (CVE-2025-23374)