cvedb.io
CVE-2024-43707
HIGH · CVSS 7.7
EPSS exploitation probability: 0%
Published 2025-01-23T06:15:27.380 · Last modified 2026-06-17T07:51:34.570

Summary

An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions.

Affected products

elastic — kibana

Does this affect you?

Add your gear to cvedb and we'll alert you only when elastic ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.