CVE-2025-68422 | Elastic Kibana up to 7.17.29/8.19.6/9.1.6 HTTP Request authorization

Inserito da Angelo Barbosa | Dic 19, 2025 | CVE

A vulnerability identified as problematic has been detected in Elastic Kibana up to 7.17.29/8.19.6/9.1.6. Affected by this vulnerability is an unknown functionality of the component HTTP Request Handler. The manipulation leads to incorrect authorization.

This vulnerability is referenced as CVE-2025-68422. Remote exploitation of the attack is possible. No exploit is available.

You should upgrade the affected component.

CVE-2025-68422 | Elastic Kibana up to 7.17.29/8.19.6/9.1.6 HTTP Request authorization

Post correlati

CVE-2023-34087 | GTKWave 3.3.115 array index (TALOS-2023-1803)

CVE-2025-5387 | JeeWMS up to 20250504 File generateController.do?dogenerate access control (IC5FNV)

CVE-2024-27570 | LBT T300-T390 2.2.1.8 HTTP POST Request generate_conf_router ApCliSsid stack-based overflow

CVE-2024-9921 | Teamplus Technology Team+ 13.5.x page sql injection