Detections
Analytics

Kibana 8.12.x < 8.19.7 / 9.1.x < 9.1.7 / 9.2.x < 9.2.1 (ESA-2025-24)

medium Nessus Plugin ID 275872

Language:

Synopsis

The remote host is missing a security update.

Description

The version of Kibana installed on the remote host is prior to 8.19.7, 9.1.7, or 9.2.1. It is, therefore, affected by a vulnerability as referenced in the ESA-2025-24 advisory.

 - Origin Validation Error in Kibana can lead to Server-Side Request Forgery via a forged Origin HTTP header processed by the Observability AI Assistant. This vulnerability affects deployments using the Observability AI Assistant. (CVE-2025-37734)

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

Upgrade to Kibana version 8.19.7, 9.1.7, or 9.2.1 or later.

See Also

http://www.nessus.org/u?d7ea43e6

Plugin Details

Severity: Medium

ID: 275872

File Name: kibana_ESA-2025-24.nasl

Version: 1.1

Type: remote

Family: CGI abuses

Published: 11/20/2025

Updated: 11/20/2025

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 2.2

CVSS v2

Risk Factor: Medium

Base Score: 4

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:P/A:N

CVSS Score Source: CVE-2025-37734

CVSS v3

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Vulnerability Information

CPE: cpe:/a:elasticsearch:kibana

Required KB Items: installed_sw/Kibana, Settings/ParanoidReport

Patch Publication Date: 11/12/2025

Vulnerability Publication Date: 11/12/2025

Reference Information

CVE: CVE-2025-37734

IAVB: 2025-B-0191