We use these services and cookies to improve your user experience. You may opt out if you wish, however, this may limit some features on this site.
Please see our statement on Data Privacy.
A deserialization issue in Kibana can lead to arbitrary code execution when Kibana attempts to parse a YAML document containing a crafted payload. This issue only affects users that use Elastic Security’s built-in AI tools https://www.elastic.co/guide/en/security/current/ai-for-security.html and have configured an Amazon Bedrock connector https://www.elastic.co/guide/en/security/current/assistant-connect-to-bedrock.html .
Reserved 2024-06-05 | Published 2024-09-09 | Updated 2024-09-17 | Assigner elasticCWE-502 Deserialization of Untrusted Data
discuss.elastic.co/...-update-esa-2024-27-esa-2024-28/366119
Support options