{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-68386", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "state": "PUBLISHED", "assignerShortName": "elastic", "dateReserved": "2025-12-16T19:18:49.562Z", "datePublished": "2025-12-18T22:21:09.453Z", "dateUpdated": "2025-12-19T15:36:42.060Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Kibana", "vendor": "Elastic", "versions": [{"lessThanOrEqual": "7.17.29", "status": "affected", "version": "7.0.0", "versionType": "semver"}, {"lessThanOrEqual": "8.19.7", "status": "affected", "version": "8.0.0", "versionType": "semver"}, {"lessThanOrEqual": "9.1.7", "status": "affected", "version": "9.0.0", "versionType": "semver"}, {"lessThanOrEqual": "9.2.1", "status": "affected", "version": "9.2.0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.</p>"}], "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request."}], "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseSeverity": "MEDIUM", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "privilegesRequired": "LOW", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-12-18T22:21:09.453Z"}, "references": [{"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"}], "source": {"discovery": "Elastic"}, "title": "Kibana Improper Authorization", "x_generator": {"engine": "Elastic CVE Publisher 0.0.1"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-19T15:36:31.024126Z", "id": "CVE-2025-68386", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T15:36:42.060Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-68386", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "yes"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-19T15:36:31.024126Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-19T15:36:36.813Z"}}], "cna": {"title": "Kibana Improper Authorization", "source": {"discovery": "Elastic"}, "impacts": [{"capecId": "CAPEC-233", "descriptions": [{"lang": "en", "value": "CAPEC-233 Privilege Escalation"}]}], "metrics": [{"format": "CVSS", "cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4.3, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "LOW", "confidentialityImpact": "NONE"}, "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "affected": [{"vendor": "Elastic", "product": "Kibana", "versions": [{"status": "affected", "version": "7.0.0", "versionType": "semver", "lessThanOrEqual": "7.17.29"}, {"status": "affected", "version": "8.0.0", "versionType": "semver", "lessThanOrEqual": "8.19.7"}, {"status": "affected", "version": "9.0.0", "versionType": "semver", "lessThanOrEqual": "9.1.7"}, {"status": "affected", "version": "9.2.0", "versionType": "semver", "lessThanOrEqual": "9.2.1"}], "defaultStatus": "unaffected"}], "references": [{"url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"}], "x_generator": {"engine": "Elastic CVE Publisher 0.0.1"}, "descriptions": [{"lang": "en", "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.", "supportingMedia": [{"type": "text/html", "value": "<p>Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863 Incorrect Authorization"}]}], "providerMetadata": {"orgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "shortName": "elastic", "dateUpdated": "2025-12-18T22:21:09.453Z"}}}, "cveMetadata": {"cveId": "CVE-2025-68386", "state": "PUBLISHED", "dateUpdated": "2025-12-19T15:36:42.060Z", "dateReserved": "2025-12-16T19:18:49.562Z", "assignerOrgId": "271b6943-45a9-4f3a-ab4e-976f3fa05b5a", "datePublished": "2025-12-18T22:21:09.453Z", "assignerShortName": "elastic"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "8820B4BC-0DAB-4C9B-8053-90DE2C19646E", "versionEndIncluding": "7.17.29", "versionStartIncluding": "7.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "BB564579-5F98-4F52-B32A-9B87C25DF71B", "versionEndExcluding": "8.19.8", "versionStartIncluding": "8.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "4CFE640F-1CCC-4580-AC29-5438EE33627C", "versionEndExcluding": "9.1.8", "versionStartIncluding": "9.0.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*", "matchCriteriaId": "C4429C9D-7DA5-4F27-B0AB-92F8D6F077CE", "versionEndExcluding": "9.2.2", "versionStartIncluding": "9.2.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Improper Authorization (CWE-285) in Kibana can lead to privilege escalation (CAPEC-233) by allowing an authenticated user to change a document's sharing type to \"global,\" even though they do not have permission to do so, making it visible to everyone in the space via a crafted a HTTP request."}], "id": "CVE-2025-68386", "lastModified": "2025-12-23T19:07:36.380", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 4.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 1.4, "source": "security@elastic.co", "type": "Secondary"}]}, "published": "2025-12-18T23:15:49.160", "references": [{"source": "security@elastic.co", "tags": ["Vendor Advisory"], "url": "https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"}], "sourceIdentifier": "security@elastic.co", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security@elastic.co", "type": "Secondary"}]}

{"bugzilla": {"description": "Kibana: Kibana: Unauthorized Information Disclosure via Improper Authorization", "id": "2423746", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2423746"}, "csaw": false, "cvss3": {"cvss3_base_score": "4.3", "cvss3_scoring_vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N", "status": "draft"}, "cwe": "CWE-863", "details": ["A flaw was found in Kibana, where an authenticated user, through a crafted HTTP request, can exploit an Improper Authorization (CWE-285) vulnerability. This allows the user to change a document's sharing type to \"global\" without proper permissions. The consequence is unauthorized information disclosure, making the document visible to everyone in the space, effectively leading to a form of privilege escalation."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options do not meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to widespread installation base, or stability."}, "name": "CVE-2025-68386", "package_state": [{"cpe": "cpe:/a:redhat:logging:5", "fix_state": "Fix deferred", "package_name": "openshift-logging/kibana6-rhel8", "product_name": "Logging Subsystem for Red Hat OpenShift"}], "public_date": "2025-12-18T22:21:09Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-68386\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-68386\nhttps://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186"], "statement": "This vulnerability is rated Moderate for Red Hat. An authenticated user in Kibana can exploit an improper authorization flaw to change a document's sharing type to \"global\" without proper permissions. This leads to unauthorized information disclosure, making the document visible to all users in the space. This affects OpenShift Container Platform via `openshift-logging/kibana6-rhel8`.", "threat_severity": "Moderate"}

{"created": "2025-12-19T09:15:54.717652+00:00", "updated": "2025-12-19T09:15:54.717679+00:00", "vendors": ["elastic", "elastic$PRODUCT$kibana"]}