Kibana CrowdStrike Connector Flaw Exposes Sensitive Credentials
gbhackersA security issue in the Kibana CrowdStrike Connector allows attackers to access stored CrowdStrike credentials.
The flaw affects multiple versions of Kibana and can expose credentials across spaces within the same deployment. Elastic has released updates to resolve this issue and urges users to upgrade immediately.
Vulnerability Details
The flaw, tracked as CVE-2025-37728, arises from insufficient protection of credentials in the CrowdStrike Connector.
When a connector is created in one workspace or space within Kibana, the credentials used to access the CrowdStrike API are cached.
| CVE ID | Affected Versions | Impact | CVSS 3.1 Score |
| CVE-2025-37728 | 7.x: ≤ 7.17.29 8.x: 8.14.0 to 8.18.7 8.19.x: 8.19.0 to 8.19.4 9.0.x: 9.0.0 to 9.0.7 9.1.x: 9.1.0 to 9.1.4 |
Partial credential leak | 5.4 |
A malicious user with access to ...
Copyright of this story solely belongs to gbhackers . To see the full text click HERE