CVE-2024-52972 – Kibana Unchecked Metrics Snapshot Request Denial of Service

CVE ID : CVE-2024-52972

Published : Jan. 23, 2025, 7:15 a.m. | 1 hour, 2 minutes ago

Description : An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/metrics/snapshot. This can be carried out by users with read access to the Observability Metrics or Logs features in Kibana.

Severity: 6.5 | MEDIUM

Visit the link for more details, such as CVSS details, affected products, timeline, and more…

CVE-2024-52972 – Kibana Unchecked Metrics Snapshot Request Denial of Service