{"id":"CVE-2024-52973","details":"An allocation of resources without limits or throttling in Kibana can lead to a crash caused by a specially crafted request to /api/log_entries/summary. This can be carried out by users with read access to the Observability-Logs feature in Kibana.","modified":"2026-04-10T05:18:17.127398Z","published":"2025-01-21T11:15:10.200Z","references":[{"type":"FIX","url":"https://discuss.elastic.co/t/kibana-7-17-23-and-8-14-2-security-update-esa-2024-26/373443"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/elastic/kibana","events":[{"introduced":"0"},{"fixed":"89cafc519e1d6e0e08d8cf5c13eee6886fe6e412"},{"introduced":"57ca5e139a33dd2eed927ce98d8231a1f217cd15"},{"fixed":"50d89958910ab6fa9b8c4f4f40c53e89ad6dbbe1"}],"database_specific":{"versions":[{"introduced":"0"},{"fixed":"7.17.23"},{"introduced":"8.0.0"},{"fixed":"8.14.2"}]}}],"versions":["7.0-known-good","deploy@1693594780","deploy@1693609987","deploy@1693853982","deploy@1693860790","deploy@1693866333","deploy@1694087994","deploy@1694162455","deploy@1694506029","deploy@1694683198","deploy@1695286747","deploy@1696328885","deploy@1696415195","deploy@1696508231","deploy@1696618725","deploy@1696873111","deploy@1697028216","deploy@1697232175","deploy@1697564183","deploy@1698046713","deploy@1698657637","deploy@1699260155","deploy@1699865290","deploy@1700491293","deploy@1701160888","deploy@1701687168","deploy@1702284899","deploy@1702367069","deploy@1702879551","deploy@1702903357","deploy@1703484304","deploy@1704089101","deploy@1704693922","deploy@1705298718","deploy@1705306975","deploy@1705903520","deploy@1706508321","deploy@1707113127","deploy@1707717945","deploy@1708322739","deploy@1708927574","deploy@1709532332","deploy@1709533819","deploy@1710137117","deploy@1710146776","deploy@1710741924","deploy@1711370131","deploy@1711952105","deploy@1712566963","deploy@1713161715","test-depl-20231013154558","test-depl-20231025084603","v4.0.0-beta1","v4.0.0-beta1.1","v4.0.0-beta2","v4.0.0-beta3","v4.2.0-beta1","v5.0.0-alpha5","v6.0.0-alpha1","v6.0.0-alpha2","v7.0.0-alpha1","v7.0.0-alpha2","v7.16.0","v7.16.1","v7.17.0","v7.17.1","v7.17.10","v7.17.11","v7.17.12","v7.17.13","v7.17.14","v7.17.15","v7.17.16","v7.17.17","v7.17.18","v7.17.19","v7.17.2","v7.17.20","v7.17.21","v7.17.22","v7.17.3","v7.17.4","v7.17.5","v7.17.6","v7.17.7","v7.17.8","v7.17.9","v8.0.0-alpha1","v8.0.0-alpha2","v8.14.0","v8.14.1"],"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2024-52973.json"}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"}]}