Security Advisory

CVE-2024-52972

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-01-23 06:11:10

Last updated 2025-01-23 14:46:31

Assigner elastic

State PUBLISHED

Description

An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana.

← Browse all CVEs View on cve.org ↗