Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials - Cybernoz - Cybersecurity News

Kibana CrowdStrike Connector Flaw Exposes Sensitive Credentials

A security issue in the Kibana CrowdStrike Connector allows attackers to access stored CrowdStrike credentials. The flaw affects multiple versions of Kibana and can expose credentials across spaces within the same deployment. Elastic has released updates to resolve this issue and urges users to upgrade immediately. Vulnerability Details The flaw, tracked as CVE-2025-37728, arises from […] The post Kibana CrowdStrike Connector Flaw Exposes Sensit…

Kibana Crowdstrike Connector Vulnerability Exposes Protected Credentials - Cybernoz - Cybersecurity News

Elastic has released a security advisory detailing a medium-severity vulnerability in the Kibana CrowdStrike Connector that could allow for the exposure of sensitive credentials. The flaw, tracked as CVE-2025-37728, affects multiple versions of Kibana and could allow a malicious user to access cached CrowdStrike credentials from other users within the same environment. The vulnerability underscores the security risks associated with interconnect…