CVE-2025-25012 needs Kibana 8.17.3

fbacchella · March 6, 2025, 1:14pm

Is there an official release about this high level CVE ?

It implies integration, that are not good friends with Search Guard any way. Does it make worse or does SG is protected ?

nils · March 7, 2025, 5:47am

You can find a new release of Search Guard for ES 8.17.3 here:

At the moment, the analysis on how Kibana with SG was affected or not is however not finished.

system · March 28, 2025, 5:47am

This topic was automatically closed 21 days after the last reply. New replies are no longer allowed.

Topic		Replies	Views
Update to kibana 8.17.6 needed for a CVE Search Guard	4	30	May 20, 2025
Kibana Cross-Site Scripting (ESA-2023-05) and Kibana arbitrary code execution (ESA-2023-07) Search Guard	2	406	May 30, 2023
Search Guard 24.3 for Elasticsearch 6.7.0 released Announcements	1	689	April 16, 2019
SG support for ES 7.8.1 Announcements	4	537	August 17, 2020
Search Guard for 7.7.0 Feature Requests	14	1100	June 12, 2020