0.001 Low
EPSS
Percentile
22.7%
kibana is vulnerable to privilege escalation. An attacker with read access to the uptime feature in the kibana.index.ts can modify the alerting rules or overwrite the existing rules.
uptime
kibana.index.ts
discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447
github.com/elastic/kibana/commit/8f2596cd209c528322d8d61ad77054550e0e5986
github.com/elastic/kibana/commit/958eb950fb21df92cd31223c3162fe22d2ef251d
github.com/elastic/kibana/pull/125031
github.com/elastic/kibana/pull/125082