{"vulnerability": "cve-2024-5297", "sightings": [{"uuid": "171aa91a-f380-47f3-baf8-6d959a9bda4a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866040068105795", "content": "", "creation_timestamp": "2025-01-21T11:11:27.529704Z"}, {"uuid": "9f1eed1b-a22d-4961-912b-db60bf8d06e7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866055428187297", "content": "", "creation_timestamp": "2025-01-21T11:15:21.781720Z"}, {"uuid": "fbf5444f-a584-4e55-a485-05a77549ada3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgas6w54pd2r", "content": "", "creation_timestamp": "2025-01-21T11:54:25.776316Z"}, {"uuid": "396aa344-945e-42ed-a002-d89cff4f0e2e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgapzpxkvo2c", "content": "", "creation_timestamp": "2025-01-21T11:15:42.788400Z"}, {"uuid": "18adf52e-5447-4085-88aa-314961bd2bee", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113866626544916871", "content": "", "creation_timestamp": "2025-01-21T13:40:36.450758Z"}, {"uuid": "821f6435-9a16-46fa-83a0-6e3a4c3de36b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgfdjuiqlj2f", "content": "", "creation_timestamp": "2025-01-23T07:15:24.656313Z"}, {"uuid": "58f4ae96-4c1c-44c3-9b72-81e5aee8d370", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113876493631662291", "content": "", "creation_timestamp": "2025-01-23T07:29:56.094363Z"}, {"uuid": "01625607-a6f4-4bd5-9828-e921002a1f4c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgff62frhh2r", "content": "", "creation_timestamp": "2025-01-23T07:44:35.552708Z"}, {"uuid": "ebb1b13b-a615-4538-9fd4-8ef104677271", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgfgw6akn32p", "content": "", "creation_timestamp": "2025-01-23T08:15:58.794017Z"}, {"uuid": "e91a33dc-e4ca-4b84-842f-8d64490ed6f6", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://mastodon.social/users/CyberSignaler/statuses/113876803983090327", "content": "", "creation_timestamp": "2025-01-23T08:48:51.735283Z"}, {"uuid": "79ba7994-ced2-48d2-b0a7-28f00f99de2c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgfisf3rs72h", "content": "", "creation_timestamp": "2025-01-23T08:49:39.034513Z"}, {"uuid": "4d7e42a6-42cb-4d01-ad6a-e17fd3794ef3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgfisff5z525", "content": "", "creation_timestamp": "2025-01-23T08:49:39.690521Z"}, {"uuid": "6877cab4-5574-4ef8-ad8d-3e8904b83005", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/dinosn.bsky.social/post/3lgpdxfpgjk2e", "content": "", "creation_timestamp": "2025-01-27T06:49:39.561049Z"}, {"uuid": "599b426d-ebfe-4959-a990-cf853dd3f2ef", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "cve-2024-52975", "type": "seen", "source": "https://bsky.app/profile/kyosuke-tanaka.bsky.social/post/3lgpglroqts2w", "content": "", "creation_timestamp": "2025-01-27T07:36:47.569071Z"}, {"uuid": "53666d1d-692b-4372-a86e-afcf83ff4e85", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113877990853818563", "content": "", "creation_timestamp": "2025-01-23T13:50:41.954035Z"}, {"uuid": "4ab33c17-f82b-4451-a447-5f48544e5603", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/vulnalerts.bsky.social/post/3lgg3arpfae22", "content": "", "creation_timestamp": "2025-01-23T14:19:52.162845Z"}, {"uuid": "8954d361-08cc-4207-987e-2705603dad39", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lh5kxwz5e22x", "content": "", "creation_timestamp": "2025-02-01T22:32:28.001092Z"}, {"uuid": "dfb54cc8-0ae8-41cc-a807-13847a5bce43", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://bsky.app/profile/getpokemon7.bsky.social/post/3lgsnkrecgk2f", "content": "", "creation_timestamp": "2025-01-28T14:19:30.073978Z"}, {"uuid": "f335ecc1-03c2-4fc6-806c-76866ed6b611", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113872848727322418", "content": "", "creation_timestamp": "2025-01-22T16:02:59.252206Z"}, {"uuid": "bf4e69bc-3a7e-4887-bc3b-5eff6d221c7c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52974", "type": "seen", "source": "https://bsky.app/profile/omo.bsky.social/post/3lmg4abras22i", "content": "", "creation_timestamp": "2025-04-09T23:08:40.292894Z"}, {"uuid": "0732bc26-74aa-497c-a6eb-b6bee76a1284", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2713", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52972\n\ud83d\udd39 Description: An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana.\n\ud83d\udccf Published: 2025-01-23T06:11:10.715Z\n\ud83d\udccf Modified: 2025-01-23T06:11:10.715Z\n\ud83d\udd17 References:\n1. https://discuss.elastic.co/t/kibana-7-17-23-8-15-0-security-updates-esa-2024-32-esa-2024-33/373548", "creation_timestamp": "2025-01-23T07:03:18.000000Z"}, {"uuid": "f3ae3613-95ca-40d1-869e-bd8844506513", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2714", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-52975\n\ud83d\udd39 Description: An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled.\n\ud83d\udccf Published: 2025-01-23T07:19:39.170Z\n\ud83d\udccf Modified: 2025-01-23T07:19:39.170Z\n\ud83d\udd17 References:\n1. https://discuss.elastic.co/t/fleet-server-8-15-0-security-update-esa-2024-31/373522", "creation_timestamp": "2025-01-23T08:03:12.000000Z"}, {"uuid": "3a175c02-befd-4cdb-92e7-f8f23ddb5333", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52974", "type": "seen", "source": "https://t.me/cvedetector/22489", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52974 - Kibana Observability API Denial of Service (DoS)\", \n  \"Content\": \"CVE ID : CVE-2024-52974 \nPublished : April 8, 2025, 5:15 p.m. | 17\u00a0minutes ago \nDescription : An issue has been identified where a specially crafted request sent to an Observability API could cause the kibana server to crash.  \n  \nA successful attack requires a malicious user to have read permissions for Observability assigned to them. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"08 Apr 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-04-08T19:51:41.000000Z"}, {"uuid": "3473a1f2-6ecb-4fed-bad7-5690b9a9c5ca", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52973", "type": "seen", "source": "https://t.me/cvedetector/15916", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52973 - \"Kibana Observability-Logs Denial of Service Vulnerability\"\", \n  \"Content\": \"CVE ID : CVE-2024-52973 \nPublished : Jan. 21, 2025, 11:15 a.m. | 29\u00a0minutes ago \nDescription : An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/log_entries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T12:46:36.000000Z"}, {"uuid": "9c4a1523-342f-4633-a1a0-ab0f61b73bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://t.me/cvedetector/16166", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52975 - Fleet Server Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-52975 \nPublished : Jan. 23, 2025, 8:15 a.m. | 40\u00a0minutes ago \nDescription : An issue was identified in Fleet Server where Fleet policies that could contain sensitive information were logged on INFO and ERROR log levels. The nature of the sensitive information largely depends on the integrations enabled. \nSeverity: 9.0 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T09:57:16.000000Z"}, {"uuid": "145adf6e-3959-43c7-90ce-535ff46f37b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52972", "type": "seen", "source": "https://t.me/cvedetector/16165", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-52972 - Kibana Unchecked Metrics Snapshot Request Denial of Service\", \n  \"Content\": \"CVE ID : CVE-2024-52972 \nPublished : Jan. 23, 2025, 7:15 a.m. | 41\u00a0minutes ago \nDescription : An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T09:07:05.000000Z"}, {"uuid": "a6be8097-8c53-41d8-b629-09dd20efe96d", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-52975", "type": "seen", "source": "https://t.me/CyberBulletin/2181", "content": "\u26a1CVE-2024-52975 (CVSS 9.0): Fleet Server Update Patches Critical Information Exposure Vulnerability.\n\n#CyberBulletin", "creation_timestamp": "2025-01-27T11:24:21.000000Z"}]}