A flaw was discovered in Kibana in which users with Read access to the Uptime feature could modify alerting rules. A user with this privilege would be able to create new alerting rules or overwrite existing ones. However, any new or modified rules would not be enabled, and a user with this privilege could not modify alerting connectors. This effectively means that Read users could disable existing alerting rules.
{
"osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2022/23xxx/CVE-2022-23709.json",
"cna_assigner": "elastic",
"cwe_ids": [
"CWE-264"
]
}{
"cpe": [
"cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
"cpe:2.3:a:elastic:kibana:8.0.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.7.0"
},
{
"fixed": "7.17.1"
},
{
"introduced": "8.0.0"
},
{
"last_affected": "8.0.0"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}[
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"236836815310709596383608286106644790881",
"196381633559554339088896249561089112903",
"146873537089190934299820367594122268218",
"334357347513489300173246355664845051067"
]
},
"target": {
"file": "x-pack/plugin/deprecation/src/test/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecksTests.java"
},
"id": "CVE-2022-23709-46868c56",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/elastic/elasticsearch/commit/e5acb99f822233d62d6444ce45a4543dc1c8059a",
"deprecated": false
},
{
"digest": {
"function_hash": "165482351688345707173695098433441287823",
"length": 1319.0
},
"target": {
"function": "monitoringExporterGroupedSetting",
"file": "x-pack/plugin/deprecation/src/test/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecksTests.java"
},
"id": "CVE-2022-23709-5d0e65b7",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/elastic/elasticsearch/commit/e5acb99f822233d62d6444ce45a4543dc1c8059a",
"deprecated": false
},
{
"digest": {
"function_hash": "81242662974819149104372912973832414697",
"length": 1971.0
},
"target": {
"function": "deprecatedAffixGroupedSetting",
"file": "x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecks.java"
},
"id": "CVE-2022-23709-6a9a5cc6",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/elastic/elasticsearch/commit/e5acb99f822233d62d6444ce45a4543dc1c8059a",
"deprecated": false
},
{
"digest": {
"threshold": 0.9,
"line_hashes": [
"142965958877837107677794816119383469250",
"16841893402362179998478465353024513221",
"206022478088870697769046647787008760564",
"216095244516550820119455808353224037846",
"46142714263656663437914612207197745209",
"15088390182960363056546331595655444257",
"234182045088025048292414092125412433047",
"255272807197668761160103392865329307400",
"117362707116158116788652207123491886620",
"292421547288413531568142709484731301692",
"304976113980423471330374207259607813425"
]
},
"target": {
"file": "x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecks.java"
},
"id": "CVE-2022-23709-7138c559",
"signature_version": "v1",
"signature_type": "Line",
"source": "https://github.com/elastic/elasticsearch/commit/e5acb99f822233d62d6444ce45a4543dc1c8059a",
"deprecated": false
},
{
"digest": {
"function_hash": "1789796353482668074025554634844605557",
"length": 1194.0
},
"target": {
"function": "deprecatedAffixSetting",
"file": "x-pack/plugin/deprecation/src/main/java/org/elasticsearch/xpack/deprecation/NodeDeprecationChecks.java"
},
"id": "CVE-2022-23709-7b0c41ec",
"signature_version": "v1",
"signature_type": "Function",
"source": "https://github.com/elastic/elasticsearch/commit/e5acb99f822233d62d6444ce45a4543dc1c8059a",
"deprecated": false
}
]
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2022-23709.json"
"2026-07-09T06:37:14Z"
{
"cpe": [
"cpe:2.3:a:elastic:kibana:*:*:*:*:*:*:*:*",
"cpe:2.3:a:elastic:kibana:8.0.0:*:*:*:*:*:*:*"
],
"extracted_events": [
{
"introduced": "7.7.0"
},
{
"fixed": "7.17.1"
},
{
"introduced": "8.0.0"
},
{
"last_affected": "8.0.0"
}
],
"source": [
"CPE_RANGE",
"CPE_STRING"
]
}