{"uuid": "c9dfefc8-c46a-4de3-8c54-888bd9cc9720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/cvedetector/10977", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37285 - Kibana Elasticsearch Deserialization Code Execution Vulnerability (Arbitrary Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-37285 \nPublished : Nov. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific  Elasticsearch indices privileges  \u00a0and  Kibana privileges  \u00a0assigned to them.  \n  \n  \n  \nThe following Elasticsearch indices permissions are required  \n  \n  *  write\u00a0privilege on the system indices .kibana_ingest*  \n  *  The allow_restricted_indices\u00a0flag is set to true  \n  \n  \nAny of the following Kibana privileges are additionally required  \n  \n  *  Under Fleet\u00a0the All\u00a0privilege is granted  \n  *  Under Integration\u00a0the Read\u00a0or All\u00a0privilege is granted  \n  *  Access to the fleet-setup\u00a0privilege is gained through the Fleet Server\u2019s service account token \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T19:10:17.000000Z"}