CVSS Vector (NVD)
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:L
Description (NVD)
Improper authorization in Kibana can lead to privilege abuse via a direct HTTP request to a Synthetic monitor endpoint.
Analysis (AI)
CVE-2024-43706 is an improper authorization vulnerability in Kibana's Synthetic monitor endpoint that allows authenticated users to escalate privileges through direct HTTP requests. Attackers with low-level credentials can bypass access controls to perform unauthorized actions on synthetic monitoring functionality, potentially affecting confidentiality, integrity, and availability. While the CVSS 7.6 score indicates significant risk, real-world impact depends on deployment context and whether this vulnerability is actively exploited in the wild.
Technical Context (AI)
This vulnerability exists in Kibana's Synthetic Monitoring module, which is part of the Elastic Stack used for synthetic uptime and performance monitoring. The root cause is CWE-285 (Improper Authorization), indicating insufficient access control checks on HTTP endpoints designated for synthetic monitor operations. Rather than enforcing proper Role-Based Access Control (RBAC) or attribute-based access controls, the endpoint likely validates authentication (that a user exists) but fails to validate that the authenticated user has appropriate privileges to interact with synthetic monitors. This is a common pattern where authentication is conflated with authorization. The vulnerability is accessible via direct HTTP requests to the endpoint, meaning no special tooling or complex exploitation technique is required—standard HTTP clients suffice. The low attack complexity (AC:L) confirms this.
Remediation (AI)
1. Immediate Patch: Upgrade Kibana to the patched version published by Elastic for CVE-2024-43706 (version specifics should be obtained from Elastic's official advisory).
2. Interim Mitigation: Restrict network access to Kibana's Synthetic monitor endpoints at the firewall/load-balancer level, limiting HTTP requests to trusted source IPs.
3. Access Control Review: Audit user role assignments in Kibana; ensure low-privilege users do not have synthetic monitoring privileges if not required. Apply the principle of least privilege strictly.
4. Monitoring: Enable audit logging on Kibana API endpoints to detect unauthorized synthetic monitor access attempts. Monitor for unusual API calls to synthetic endpoints from low-privilege users.
5. Workaround (if patching is delayed): Disable or restrict Synthetic Monitoring features in Kibana if not in active use, via configuration settings in kibana.yml.
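The monitoring step above in practice, as an added example that is not from vuln.today or Elastic: a small Python filter over Kibana audit-log lines (ECS JSON, one event per line) that flags write requests to Synthetic monitor endpoints made by users who hold none of the roles expected to manage them. The endpoint prefixes, the role names and the sample log lines are assumptions constructed for the example; adjust them to your deployment.

```python
import json

# Constructed sample of Kibana audit-log lines (ECS JSON, one event per line).
# Field names follow Kibana's audit "http_request" events; all values are made up.
SAMPLE_AUDIT_LOG = """
{"event":{"action":"http_request"},"http":{"request":{"method":"get"}},"url":{"path":"/api/status"},"user":{"name":"viewer1","roles":["viewer"]}}
{"event":{"action":"http_request"},"http":{"request":{"method":"post"}},"url":{"path":"/api/synthetics/monitors"},"user":{"name":"viewer1","roles":["viewer"]}}
{"event":{"action":"http_request"},"http":{"request":{"method":"post"}},"url":{"path":"/api/synthetics/monitors"},"user":{"name":"synth_admin","roles":["synthetics_admin"]}}
{"event":{"action":"http_request"},"http":{"request":{"method":"delete"}},"url":{"path":"/internal/synthetics/monitor/abc"},"user":{"name":"analyst","roles":["editor"]}}
not json at all
"""

# Assumed URL prefixes of the Synthetic monitor endpoints and the roles that are
# expected to create, modify or delete monitors. Both are deployment-specific.
SYNTHETICS_PREFIXES = ("/api/synthetics/", "/internal/synthetics/")
ALLOWED_ROLES = {"superuser", "synthetics_admin"}
WRITE_METHODS = {"post", "put", "patch", "delete"}


def parse_events(raw: str):
    """Yield parsed audit events, skipping blank or malformed lines."""
    for line in raw.splitlines():
        line = line.strip()
        if not line:
            continue
        try:
            yield json.loads(line)
        except json.JSONDecodeError:
            continue  # a truncated or non-JSON line must not abort the scan


def find_suspicious(raw: str):
    """Return (user, method, path) for write requests to synthetics endpoints
    issued by users holding none of ALLOWED_ROLES."""
    hits = []
    for ev in parse_events(raw):
        if ev.get("event", {}).get("action") != "http_request":
            continue
        path = ev.get("url", {}).get("path", "")
        method = ev.get("http", {}).get("request", {}).get("method", "").lower()
        user = ev.get("user", {})
        roles = set(user.get("roles", []))
        if not path.startswith(SYNTHETICS_PREFIXES):
            continue
        if method in WRITE_METHODS and not (roles & ALLOWED_ROLES):
            hits.append((user.get("name", "?"), method, path))
    return hits


if __name__ == "__main__":
    for name, method, path in find_suspicious(SAMPLE_AUDIT_LOG):
        print(f"review: {name} {method.upper()} {path}")
```

The same filter can be expressed as a saved query or alert rule on the audit index once the endpoint prefixes for the deployed Kibana version are confirmed.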
Vendor Status (Vendor)
Debian
Bug #700337

| Release | Status | Fixed Version | Urgency |
|---|---|---|---|
| | open | - | - |
EUVD-2024-54667