CVE Catalog

CVE-2026-56152

MediumCVSS 5.3
Published: Updated: Translated: NVD NIST

Exploitation Probability (EPSS)

Low risk
0.18%

8th percentile — higher than 8% of all known CVEs

Summary

CVE-2026-56152 in Elastic Defend is caused by incorrect authorization (CWE-863). It allows a low-privileged authenticated user to access response action data they are not authorized to view, leading to unauthorized information disclosure.

Risk Assessment

The risk involves potential leakage of sensitive response action data, which could compromise information confidentiality and be exploited for further attacks within the organization.

Recommendation

It is recommended to immediately update Elastic Defend to the latest patched version and review access control (ACL) configurations to restrict access to sensitive functionalities.

Original NVD description (English source)

Incorrect Authorization (CWE-863) in Elastic Defend can lead to unauthorized information disclosure via Accessing Functionality Not Properly Constrained by ACLs (CAPEC-1). Under certain conditions, a low-privileged authenticated user can access response action data that they are not authorized to view.

Vulnerability data from NVD (NIST) · CISA KEV · EPSS