CVE-2024-52972 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can b…
Medium CVSS: 6.5

CVE-2024-52972

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana.
Vendor
Elastic
Product
Kibana
CWE
CWE-770
Yayın Tarihi
2025-01-23 07:15:08
Güncelleme
2025-09-30 20:57:56
Source Identifier
security@elastic.co
KEV Date Added
-

Kategoriler

CWE-770 Kibana MEDIUM Elastic 2025

Referanslar

https://discuss.elastic.co/t/kibana-7-17-23-8-15-0-security-updates-esa-2024-32-esa-2024-33/373548