A flaw was discovered in Kibana, allowing view-only users of alerting to use the run_soon API making the alerting rule run continuously, potentially affecting the system availability if the alerting rule is running complex queries.

Related CVEs

CVE-2024-37279

Key Information

GHSA ID

GHSA-83pr-wj87-jf6x

Published

June 13, 2024 6:31 PM

Last Modified

June 13, 2024 6:31 PM

CVSS Score

5.0 /10

Primary Ecosystem

Unknown

Primary Package

Unknown

GitHub Reviewed

✗ No

Dataset

Last updated: November 26, 2025 6:30 AM

Data from GitHub Advisory Database. This information is provided for research and educational purposes.