{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68422", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "state": "PUBLISHED", "assignerShortName": "elastic", "dateReserved": "2025-12-17T14:30:39.402Z", "datePublished": "2025-12-18T22:32:17.341Z", "dateUpdated": "2025-12-19T15:37:15.618Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Kibana", "vendor": "Elastic", "versions": [{"lessThanOrEqual": "7.17.29", "status": "affected", "version": "7.0.0", "versionType": "semver"}, {"lessThanOrEqual": "8.19.6", "status": "affected", "version": "8.0.0", "versionType": "semver"}, {"lessThanOrEqual": "9.1.6", "status": "affected", "version": "9.0.0", "versionType": "semver"}, {"lessThan": "9.2.0", "status": "affected", "version": "9.2.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.</p>"}], "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 4.3, "confidentialityImpact": "LOW", "integrityImpact": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-12-18T22:32:17.341Z"}, "references": [{"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"}], "source": {"discovery": "Elastic"}, "title": "Kibana Improper Authorization", "x_generator": {"engine": "Elastic CVE Publisher 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-19T15:37:03.258242Z", "id": "CVE-2025-68422", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T15:37:15.618Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-68422", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-19T15:37:03.258242Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T15:37:10.867Z"}}], "cna": {"title": "Kibana Improper Authorization", "source": {"discovery": "Elastic"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "LOW"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Elastic", "product": "Kibana", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.17.29"}, {"status": "affected", "version": "8.0.0", "versionType": "semver", "lessThanOrEqual": "8.19.6"}, {"status": "affected", "version": "9.0.0", "versionType": "semver", "lessThanOrEqual": "9.1.6"}, {"status": "affected", "version": "9.2.0", "lessThan": "9.2.0", "versionType": "semver"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"}], "x_generator": {"engine": "Elastic CVE Publisher 0.0.1"}, "descriptions": [{"lang": "en", "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-12-18T22:32:17.341Z"}}}, "cveMetadata": {"cveId": "CVE-2025-68422", "state": "PUBLISHED", "dateUpdated": "2025-12-19T15:37:15.618Z", "dateReserved": "2025-12-17T14:30:39.402Z", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "datePublished": "2025-12-18T22:32:17.341Z", "assignerShortName": "elastic"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "8820B4BC-0DAB-4C9B-8053-90DE2C19646E", "versionEndIncluding": "7.17.29", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "E90B4E6B-DB88-4D20-B11B-BACA0FC8BCC6", "versionEndExcluding": "8.19.7", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF357479-9E01-423E-94A3-960E5649F06D", "versionEndExcluding": "9.1.7", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:9.2.0:*:*:*:*:*:*:*", "matchCriteriaId": "977CBBAF-EE63-4BFA-B0BD-A06EB353C1FB", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to bypass intended permission restrictions via a crafted HTTP request. This allows an attacker who lacks the live queries - read permission to successfully retrieve the list of live queries."}], "id": "CVE-2025-68422", "lastModified": "2025-12-23T19:08:18.093", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@elastic.co", "type": "Secondary"}]}, "published": "2025-12-18T23:15:49.873", "references": [{"source": "security@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"}], "sourceIdentifier": "security@elastic.co", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@elastic.co", "type": "Secondary"}]}

{"bugzilla": {"description": "Kibana: Kibana: Privilege escalation and information disclosure via improper authorization", "id": "2423747", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423747"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-863", "details": ["A flaw was found in Kibana. An authenticated user can exploit this vulnerability by sending a specially crafted HTTP request, which bypasses intended permission restrictions. This improper authorization allows an attacker, who lacks the \"live queries - read\" permission, to successfully retrieve the list of live queries, leading to information disclosure and potential privilege escalation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-68422", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Fix deferred", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}], "public_date": "2025-12-18T22:32:17Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-68422\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-68422\nhttps://discuss.elastic.co/t/kibana-8-19-7-9-1-7-and-9-2-1-security-update-esa-2025-39/384187"], "statement": "This vulnerability is rated Moderate for Red Hat. An authenticated user in Kibana, as deployed in OpenShift Container Platform, can exploit an improper authorization flaw to bypass intended permission restrictions. This allows the user to retrieve a list of live queries, leading to information disclosure and potential privilege escalation.", "threat_severity": "Moderate"}

{"created": "2025-12-19T09:15:32.876106+00:00", "updated": "2025-12-19T09:15:32.876131+00:00", "vendors": ["elastic", "elastic$PRODUCT$kibana"]}