Multiple Kibana Vulnerabilities Enable SSRF and XSS Attacks

Source: Cyber Security News

Elastic Security has disclosed serious vulnerabilities in Kibana that can lead to Server-Side Request Forgery (SSRF) and Cross-Site Scripting (XSS) attacks. The primary issue, tracked as CVE-2025-37734, results from insufficient origin validation in Kibana’s Observability AI Assistant feature. An attacker who forges the Origin HTTP header can bypass this safeguard and potentially cause Kibana to issue unauthorized requests on their behalf.
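The article states only that the flaw is insufficient origin validation and that a forged Origin header bypasses it; it does not show Kibana's code. As an added illustration, not taken from Kibana or from the article, the Python below contrasts a loose, hypothetical substring-based Origin check with a strict one that canonicalizes the header and compares it exactly against an allowlist. The allowlist entries, host names and the `weak_origin_check` function are constructed for the example and do not describe how Kibana's check actually works.

```python
from urllib.parse import urlsplit

# Constructed allowlist for a hypothetical deployment; Kibana's real
# configuration is not shown on the page and is not reproduced here.
TRUSTED_ORIGINS = {"https://kibana.example.com", "https://kibana.example.com:5601"}


def normalize_origin(value):
    """Canonicalize an Origin header to scheme://host[:port].

    Returns None when the header is absent, opaque ("null"), malformed,
    or carries anything a genuine Origin never has (path, query,
    fragment, credentials)."""
    if not value or value.strip().lower() == "null":
        return None
    try:
        parts = urlsplit(value.strip())
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return None
    if parts.scheme not in ("http", "https") or not parts.hostname:
        return None
    if parts.path not in ("", "/") or parts.query or parts.fragment or parts.username:
        return None
    host = parts.hostname.lower()
    default_port = 443 if parts.scheme == "https" else 80
    if port is None or port == default_port:
        return f"{parts.scheme}://{host}"
    return f"{parts.scheme}://{host}:{port}"


def weak_origin_check(origin):
    """Hypothetical weak check (not Kibana's code): a substring match that
    any attacker-controlled host name containing the string satisfies."""
    return bool(origin) and "kibana.example.com" in origin


def strict_origin_check(origin, trusted=TRUSTED_ORIGINS):
    """Exact match of the canonicalized origin against the allowlist."""
    canonical = normalize_origin(origin)
    return canonical is not None and canonical in trusted


if __name__ == "__main__":
    # Constructed header values exercising both checks.
    for header in ("https://kibana.example.com",
                   "https://kibana.example.com.attacker.test",
                   "https://kibana.example.com@attacker.test",
                   "null"):
        print(f"{header!r}: weak={weak_origin_check(header)} "
              f"strict={strict_origin_check(header)}")
```

Exact-match origin checking closes the usual cross-origin bypasses (look-alike domains, credentials in the authority part, path or query tricks, case differences, default ports written explicitly). It still cannot distinguish a browser-set Origin from one set by an arbitrary HTTP client, which is why the advisory's other measures, patching, disabling the assistant and network segmentation, matter alongside it.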

The vulnerability affects a wide range of Kibana versions, including 8.12.0 through 8.19.6 and 9.1.0 through 9.1.6, so organizations running those releases should treat it as a priority. Although the CVSS score is a medium 4.3, the potential for unauthorized internal access and data manipulation should not be underestimated. Organizations are urged to upgrade to the patched versions (8.19.7, 9.1.7, and 9.2.1) immediately, and to consider disabling the Observability AI Assistant until the patches can be applied. Network segmentation and strict access controls are also recommended to limit the impact of SSRF exploitation.
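To triage an inventory against the version ranges above, here is an added Python helper (not from the article or from Elastic) that parses Kibana version strings, checks them against the listed affected ranges and reports the fixed release to upgrade to. The inventory is constructed sample data. The article says the ranges it gives are "including", so the helper treats only those listed ranges as affected and leaves 9.2.1, which is listed as patched without a corresponding affected range, unmapped.

```python
# Affected and patched versions as stated in the advisory summary above.
# The summary says "including", so these are the ranges it lists, not
# necessarily every affected release; 9.2.1 is listed as patched without
# a corresponding range, so no range maps to it here.
AFFECTED_RANGES = (
    # (first affected, last affected, fixed release)
    ((8, 12, 0), (8, 19, 6), "8.19.7"),
    ((9, 1, 0), (9, 1, 6), "9.1.7"),
)


def parse_version(text):
    """Parse 'major.minor.patch' into an int tuple; an optional '-suffix'
    (e.g. '-SNAPSHOT') is dropped. Returns None for any other shape."""
    core = text.strip().split("-", 1)[0]
    fields = core.split(".")
    if len(fields) != 3 or not all(f.isdigit() for f in fields):
        return None
    return tuple(int(f) for f in fields)


def triage(version_text):
    """Return (affected, fixed_release) for one Kibana version string.
    Unparseable versions are reported as not affected, so they should be
    checked by hand rather than silently trusted."""
    version = parse_version(version_text)
    if version is None:
        return (False, None)
    for first, last, fixed in AFFECTED_RANGES:
        if first <= version <= last:
            return (True, fixed)
    return (False, None)


def hosts_needing_upgrade(inventory):
    """inventory: iterable of (host, version) pairs, e.g. from an asset list.
    Returns [(host, version, fixed_release)] for the affected entries."""
    result = []
    for host, version in inventory:
        affected, fixed = triage(version)
        if affected:
            result.append((host, version, fixed))
    return result


# Constructed sample inventory; the host names are not real systems.
SAMPLE_INVENTORY = [
    ("kib-prod-1", "8.19.6"),
    ("kib-prod-2", "8.19.7"),
    ("kib-dev", "9.1.3"),
    ("kib-legacy", "8.11.4"),
    ("kib-lab", "9.2.1"),
]

if __name__ == "__main__":
    for host, version, fixed in hosts_needing_upgrade(SAMPLE_INVENTORY):
        print(f"{host}: {version} is affected, upgrade to {fixed}")
```

Tuple comparison gives correct ordering for multi-digit components (8.9.0 sorts below 8.12.0), which a plain string comparison would get wrong.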

👉 Read the original: Cyber Security News