{"vulnerability": "CVE-2024-3728", "sightings": [{"uuid": "8e0ffb2f-0bc9-4947-812c-39fd66ba579a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://t.me/cvedetector/15920", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37284 - Elastic Defend Windows Alt Encoding Crash Vulnerability (Heap Corruption)\", \n  \"Content\": \"CVE ID : CVE-2024-37284 \nPublished : Jan. 21, 2025, 11:15 a.m. | 29\u00a0minutes ago \nDescription : Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing the process. \nSeverity: 5.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"21 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-21T12:46:39.000000Z"}, {"uuid": "3c50e15a-50d6-4913-8d02-4c270164cb36", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37286", "type": "seen", "source": "https://t.me/cvedetector/2397", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37286 - Elasticsearch APM Server Document Body Information Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-37286 \nPublished : Aug. 3, 2024, 4:15 p.m. | 37\u00a0minutes ago \nDescription : APM server logs contain document body from a partially failed bulk index request. For example, in case of unavailable_shards_exception for a specific document, since the ES response line contains the document body, and that APM server logs the ES response line on error, the document is effectively logged. \nSeverity: 5.7 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"03 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-03T19:16:34.000000Z"}, {"uuid": "a663bab6-1d17-4518-befa-fc94da3b9b5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/CyberBulletin/591", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T07:57:07.000000Z"}, {"uuid": "7fff03dc-5eb3-4198-9bf9-ec8795920f9a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/InfoSecInsider/23720", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:15.000000Z"}, {"uuid": "1445e25e-4ee1-4c57-9654-d87a370a0a24", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/23720", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:15.000000Z"}, {"uuid": "e58f006e-af65-414d-aa33-77842bc0d816", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/23714", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:11.000000Z"}, {"uuid": "b0d249df-e89c-4a7a-9ece-4b1047afaa71", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/239", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}, {"uuid": "196e7127-a4df-4882-a9cc-595537a929b2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/InfoSecInsider/239", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}, {"uuid": "da45bd9d-5435-47c1-972f-b1b87d12a7e3", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/InfoSecInsider/233", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}, {"uuid": "90029552-6bff-4792-acd5-6e3bcdb08741", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/InfoSecInsider/233", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:16.000000Z"}, {"uuid": "7d438af4-9749-4c39-ba16-67f23b00b4bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://infosec.exchange/users/screaminggoat/statuses/113866626544916871", "content": "", "creation_timestamp": "2025-01-21T13:40:36.529054Z"}, {"uuid": "51728bae-4856-4aad-83d7-5fe5f7ec39bc", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2428", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-37284\n\ud83d\udd39 Description: Improper handling of alternate encoding occurs when Elastic Defend on Windows systems attempts to scan a file or process encoded as a multibyte character. This leads to an uncaught exception causing Elastic Defend to crash which in turn will prevent it from quarantining the file and/or killing the process.\n\ud83d\udccf Published: 2025-01-21T10:56:14.762Z\n\ud83d\udccf Modified: 2025-01-21T16:32:03.006Z\n\ud83d\udd17 References:\n1. https://discuss.elastic.co/t/elastic-defend-8-13-3-security-update-esa-2024-24/373441", "creation_timestamp": "2025-01-21T17:00:49.000000Z"}, {"uuid": "247abc49-411a-456b-9d40-47e299d2888f", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37289", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/7629", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-37289\n\ud83d\udd25 CVSS Score: 7.8 (cvssV3_1, Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H)\n\ud83d\udd39 Description: An improper access control vulnerability in Trend Micro Apex One could allow a local attacker to escalate privileges on affected installations.\n\nPlease note: an attacker must first obtain the ability to execute low-privileged code on the target system in order to exploit this vulnerability.\n\ud83d\udccf Published: 2024-06-10T21:22:34.551Z\n\ud83d\udccf Modified: 2025-03-14T19:24:42.697Z\n\ud83d\udd17 References:\n1. https://success.trendmicro.com/dcx/s/solution/000298063\n2. https://www.zerodayinitiative.com/advisories/ZDI-24-577/", "creation_timestamp": "2025-03-14T19:44:56.000000Z"}, {"uuid": "03f3a910-7f55-43ca-b429-993c6ad27fb7", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12529", "content": "\u200aCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution\n\nhttps://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/", "creation_timestamp": "2024-09-09T09:27:41.000000Z"}, {"uuid": "c9dfefc8-c46a-4de3-8c54-888bd9cc9720", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/cvedetector/10977", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37285 - Kibana Elasticsearch Deserialization Code Execution Vulnerability (Arbitrary Code Execution)\", \n  \"Content\": \"CVE ID : CVE-2024-37285 \nPublished : Nov. 14, 2024, 5:15 p.m. | 38\u00a0minutes ago \nDescription : A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. A successful attack requires a malicious user to have a combination of both specific  Elasticsearch indices privileges  \u00a0and  Kibana privileges  \u00a0assigned to them.  \n  \n  \n  \nThe following Elasticsearch indices permissions are required  \n  \n  *  write\u00a0privilege on the system indices .kibana_ingest*  \n  *  The allow_restricted_indices\u00a0flag is set to true  \n  \n  \nAny of the following Kibana privileges are additionally required  \n  \n  *  Under Fleet\u00a0the All\u00a0privilege is granted  \n  *  Under Integration\u00a0the Read\u00a0or All\u00a0privilege is granted  \n  *  Access to the fleet-setup\u00a0privilege is gained through the Fleet Server\u2019s service account token \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"14 Nov 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-11-14T19:10:17.000000Z"}, {"uuid": "c4c55e54-56f4-41c1-816f-30b4267c9bf8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://t.me/CyberBulletin/597", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T09:59:46.000000Z"}, {"uuid": "9dbb7265-f900-4092-8150-b779b0e3c828", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37281", "type": "seen", "source": "https://t.me/cvedetector/2082", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37281 - Kibana Resource Exhaustion DoS Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-37281 \nPublished : July 30, 2024, 10:15 p.m. | 37\u00a0minutes ago \nDescription : An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint. \nSeverity: 6.5 | MEDIUM \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"31 Jul 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-07-31T00:56:56.000000Z"}, {"uuid": "5409b10a-0f3c-4a15-a665-9396a6a9849e", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/CyberBulletin/591", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T07:57:07.000000Z"}, {"uuid": "862361fa-f395-47fa-a4fc-b88b2354e637", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/CyberBulletin/597", "content": "Critical Kibana Flaws Expose Systems to Arbitrary Code Execution\n\nURGENT: Critical security advisory for #Kibana users. Update to version 8.15.1 now to mitigate vulnerabilities CVE-2024-37288 (CVSS 9.9) and CVE-2024-37285 (CVSS 9.1). \n\n#CyberBulletin", "creation_timestamp": "2024-09-09T09:59:46.000000Z"}, {"uuid": "4134265b-9958-4237-ab8d-cf92088c3e7b", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113482361409012497", "content": "", "creation_timestamp": "2024-11-14T16:56:55.590763Z"}, {"uuid": "c0924011-60fc-4e24-bc8e-eb60f81c3120", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37287", "type": "seen", "source": "https://www.cisa.gov/news-events/ics-advisories/icsa-24-319-13", "content": "", "creation_timestamp": "2024-11-14T12:00:00.000000Z"}, {"uuid": "1476fe01-46b3-4b87-831b-dc5a76353b51", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://infosec.exchange/users/cve/statuses/113866007249961752", "content": "", "creation_timestamp": "2025-01-21T11:03:06.542852Z"}, {"uuid": "ae7beed2-7358-4aeb-8218-0affd69f1ee8", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgas6wewyk2w", "content": "", "creation_timestamp": "2025-01-21T11:54:26.906920Z"}, {"uuid": "f9d99320-1a98-47c7-9153-9d9d97459da9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37284", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgapzl7xkw2b", "content": "", "creation_timestamp": "2025-01-21T11:15:37.781428Z"}, {"uuid": "54c71b07-3899-468a-b33f-450f2a8d5956", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37285", "type": "published-proof-of-concept", "source": "https://t.me/HackingInsights/12529", "content": "\u200aCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution\n\nhttps://securityonline.info/critical-kibana-flaws-cve-2024-37288-cve-2024-37285-expose-systems-to-arbitrary-code-execution/", "creation_timestamp": "2024-09-09T09:27:41.000000Z"}, {"uuid": "8bdf8cbe-6088-490b-9973-7c6ec77e0841", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/cvedetector/5101", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37288 - Elastic Kibana YAML Deserialization Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-37288 \nPublished : Sept. 9, 2024, 9:15 a.m. | 43\u00a0minutes ago \nDescription : A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use  Elastic Security\u2019s built-in AI tools  \u00a0and have configured an  Amazon Bedrock connector  . \nSeverity: 9.9 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"09 Sep 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-09-09T12:18:24.000000Z"}, {"uuid": "8334060c-235e-414b-8a6c-b1070084ccff", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37287", "type": "seen", "source": "https://t.me/cvedetector/3013", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-37287 - Kibana Prototype Pollution Arbitrary Code Execution Vulnerability\", \n  \"Content\": \"CVE ID : CVE-2024-37287 \nPublished : Aug. 13, 2024, 12:15 p.m. | 21\u00a0minutes ago \nDescription : A flaw allowing arbitrary code execution was discovered in Kibana. An attacker with access to ML and Alerting connector features, as well as write access to internal ML indices can trigger a prototype pollution vulnerability, ultimately leading to arbitrary code execution. \nSeverity: 9.1 | CRITICAL \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"13 Aug 2024\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2024-08-13T14:36:34.000000Z"}, {"uuid": "e08ea248-833c-4170-b40b-c740978b01a2", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "2a075640-a300-48a4-bb44-bc6130783b9b", "vulnerability": "CVE-2024-37288", "type": "seen", "source": "https://t.me/InfoSecInsider/23714", "content": "\u26a1\ufe0fCritical Kibana Flaws (CVE-2024-37288, CVE-2024-37285) Expose Systems to Arbitrary Code Execution.\n\n#CyberBulletin", "creation_timestamp": "2024-09-09T10:00:11.000000Z"}]}