CVE-2026-56152

Summary

Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view.

Affected Software

VendorProductVersion RangeStatus
ElasticElastic Defend9.3.0 <= 9.3.1affected
ElasticElastic Defend8.6.0 <= 8.19.12affected
ElasticElastic Defend9.0.0 <= 9.2.6affected

Weaknesses

  • CWE-863: CWE-863 Incorrect Authorization

ADP Enrichment

CISA ADP Vulnrichment

  • SSVC:
  • Exploitation: none
    • Automatable: no
    • Technical Impact: partial

References