{"vulnerability": "CVE-2024-43707", "sightings": [{"uuid": "7039f822-26ef-4187-bb6d-8d44ad2da05a", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://bsky.app/profile/cve.skyfleet.blue/post/3lgfbsozvgs2q", "content": "", "creation_timestamp": "2025-01-23T06:44:33.284258Z"}, {"uuid": "2ab3f4d7-5c4c-42a9-8537-dc6a3482983c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://bsky.app/profile/cve-notifications.bsky.social/post/3lgfa7i2zsj27", "content": "", "creation_timestamp": "2025-01-23T06:15:55.063234Z"}, {"uuid": "3e82950e-766e-45e4-92a1-469c981460c9", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://bsky.app/profile/bolhasec.com/post/3lhh3x6sdbh2i", "content": "", "creation_timestamp": "2025-02-05T17:30:13.114286Z"}, {"uuid": "11ebc31d-f7c9-428a-b529-aba593f1fb5c", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://t.me/cvedetector/16161", "content": "{\n  \"Source\": \"CVE FEED\",\n  \"Title\": \"CVE-2024-43707 - Kibana Fleet Agent Policy Disclosure\", \n  \"Content\": \"CVE ID : CVE-2024-43707 \nPublished : Jan. 23, 2025, 6:15 a.m. | 38\u00a0minutes ago \nDescription : An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions. \nSeverity: 7.7 | HIGH \nVisit the link for more details, such as CVSS details, affected products, timeline, and more...\",\n  \"Detection Date\": \"23 Jan 2025\",\n  \"Type\": \"Vulnerability\"\n}\n\ud83d\udd39 t.me/cvedetector \ud83d\udd39", "creation_timestamp": "2025-01-23T08:16:59.000000Z"}, {"uuid": "7f74cef7-9c99-40b3-8b5b-e7122caa2574", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://t.me/DarkWebInformer_CVEAlerts/2712", "content": "\ud83d\udd17 DarkWebInformer.com - Cyber Threat Intelligence\n\ud83d\udccc CVE ID: CVE-2024-43707\n\ud83d\udd39 Description: An issue was identified in Kibana where a user without access to Fleet can view Elastic Agent policies that could contain sensitive information. The nature of the sensitive information depends on the integrations enabled for the Elastic Agent and their respective versions.\n\ud83d\udccf Published: 2025-01-23T06:08:10.724Z\n\ud83d\udccf Modified: 2025-01-23T06:11:58.944Z\n\ud83d\udd17 References:\n1. https://discuss.elastic.co/t/kibana-8-15-0-security-update-esa-2024-29-esa-2024-30/373521", "creation_timestamp": "2025-01-23T07:03:18.000000Z"}, {"uuid": "515a2305-b43e-4b14-98e7-2be8b52c8553", "vulnerability_lookup_origin": "1a89b78e-f703-45f3-bb86-59eb712668bd", "author": "9f56dd64-161d-43a6-b9c3-555944290a09", "vulnerability": "CVE-2024-43707", "type": "seen", "source": "https://t.me/CyberBulletin/2166", "content": "\u26a1CVE-2024-43707: Kibana Patches High Severity Vulnerability Exposing Sensitive Information.\n\n#CyberBulletin", "creation_timestamp": "2025-01-25T12:36:36.000000Z"}]}