For a detailed overview of the security issue(s), including the impact, CVSS score, acknowledgments, and other relevant information, please refer to the links provided in the References section below.
For those customers who cannot update, a workaround is available here.
For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section in the User Guide.
Affected Products
All NetEye 4.x versions >=4.31 with both Kibana’s Machine Learning and Reporting features enabled.
Important: Elastic Stack security update Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch and kibana packages is now available for NetEye 4. Security Fix for NetEye 4.44 9.0.8_neteye3.85.1-1 CVEs CVE-2025-25009: CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:H/I:H/A:N Read More
Satellite config creation in HA mode using zone names with whitespaces We've addressed an issue where running the neteye satellite config create for a satellite configured in HA mode having whitespaces in the Zone name prevented the procedure to successfully Read More
Dashboard Graphs Now Use Full Width We've addressed an issue where service and host graphs on dashboards were not utilizing the full available width. This fix ensures the charts now expand to fill the space, providing a better and clearer Read More
Important: Elastic Stack security update (installed with SIEM) Type/Severity NetEye Product Security has rated this update as having a High security impact. Topic An update for the elasticsearch package is now available for NetEye 4. Security Fix for NetEye 4.43 8.18.6_neteye3.81.9-1 CVE-2025-54988 (Apache Read More
Fix redirect to __SELF__ We resolved a bug for which sometimes during the login workflow an automatic redirect to __SELF__ was performed, forcing the user to manually change the URL on the browser tab. List of updated packages To solve Read More