Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
357
VMScore

CVE-2022-23709

Published: 03/03/2022 Updated: 16/03/2022
CVSS v2 Base Score: 4 | Impact Score: 2.9 | Exploitability Score: 8
CVSS v3 Base Score: 4.3 | Impact Score: 1.4 | Exploitability Score: 2.8
VMScore: 357
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Subscribe to Elastic

Vulnerability Summary

A flaw exists in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user with this privilege would be able to create new alerting rules or overwrite existing ones. However, any new or modified rules would not be enabled, and a user with this privilege could not modify alerting connectors. This effectively means that Read users could disable existing alerting rules.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

elastic kibana

elastic kibana 8.0.0

Vendor Advisories

Red Hat:
A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules A user with this privilege would be able to create new alerting rules or overwrite existing ones However, any new or modified rules would not be enabled, and a user with this privilege could not modify alerting connectors This effect ...

References

CWE-862https://discuss.elastic.co/t/elastic-stack-7-17-1-security-update/298447https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2022-23709
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2006-4304CVE-2024-4240arbitrary CVE-2024-31601XSSCVE-2023-20198CVE-2024-4256CVE-2024-3342encryption
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook