{"id":"CVE-2024-37281","details":"An issue was discovered in Kibana where a user with Viewer role could cause a Kibana instance to crash by sending a large number of maliciously crafted requests to a specific endpoint.","aliases":["BIT-elk-2024-37281","BIT-kibana-2024-37281"],"modified":"2026-03-14T12:38:36.744675Z","published":"2024-07-30T22:15:01.923Z","references":[{"type":"FIX","url":"https://discuss.elastic.co/t/kibana-7-17-23-8-14-0-security-update-esa-2024-16/364094"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elastic/kibana","events":[{"introduced":"ee89fda8a17eff9c93f7400c102edf76cb4d7d8a"},{"fixed":"89cafc519e1d6e0e08d8cf5c13eee6886fe6e412"},{"introduced":"57ca5e139a33dd2eed927ce98d8231a1f217cd15"},{"fixed":"3bc2979d1d65982aee7d13ebd65434c3470dc808"}],"database_specific":{"versions":[{"introduced":"7.0.0"},{"fixed":"7.17.23"},{"introduced":"8.0.0"},{"fixed":"8.14.0"}]}}],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-37281.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}