{"vulnerability": "cve-2024-37285", "sightings": [{"uuid": "4134265b-9958-4237-ab8d-cf92088c3e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482361409012497", "content": "", "creation_timestamp": "2024-11-14T16:56:55.590763Z"}, {"uuid": "54c71b07-3899-468a-b33f-450f2a8d5956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12529", "content": "\u200aCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution\n\nhttps://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/", "creation_timestamp": "2024-09-09T09:27:41.000000Z"}, {"uuid": "a663bab6-1d17-4518-befa-fc94da3b9b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/CyberBulletin/591", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T07:57:07.000000Z"}, {"uuid": "c9dfefc8-c46a-4de3-8c54-888bd9cc9720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/cvedetector/10977", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37285 - Kibana Elasticsearch Deserialization Code Execution Vulnerability (Arbitrary Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-37285 \nPublished : Nov. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific  Elasticsearch indices privileges  \u00a0and  Kibana privileges  \u00a0assigned to them.  \n  \n  \n  \nThe following Elasticsearch indices permissions are required  \n  \n  *  write\u00a0privilege on the system indices .kibana_ingest*  \n  *  The allow_restricted_indices\u00a0flag is set to true  \n  \n  \nAny of the following Kibana privileges are additionally required  \n  \n  *  Under Fleet\u00a0the All\u00a0privilege is granted  \n  *  Under Integration\u00a0the Read\u00a0or All\u00a0privilege is granted  \n  *  Access to the fleet-setup\u00a0privilege is gained through the Fleet Server\u2019s service account token \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T19:10:17.000000Z"}, {"uuid": "c4c55e54-56f4-41c1-816f-30b4267c9bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/CyberBulletin/597", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T09:59:46.000000Z"}, {"uuid": "e58f006e-af65-414d-aa33-77842bc0d816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/23714", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:11.000000Z"}, {"uuid": "b0d249df-e89c-4a7a-9ece-4b1047afaa71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/239", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}, {"uuid": "1445e25e-4ee1-4c57-9654-d87a370a0a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/23720", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:15.000000Z"}, {"uuid": "da45bd9d-5435-47c1-972f-b1b87d12a7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/233", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}]}