Important: Elastic Stack security update
Type/Severity
NetEye Product Security has rated this update as having a High security impact.
Topic
An update for the elastic-stack packages (elasticsearch, kibana, filebeat, logstash and elastic-agent) is now available for NetEye 4.
Security Fix for NetEye 4.45
9.2.3_neteye3.88.8-1
CVEs
- CVE-2025-68381
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - CVE-2025-68382
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - CVE-2025-68383
CVSS:3.1/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H - CVE-2025-68384
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H - CVE-2025-68385
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N - CVE-2025-68386
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N - CVE-2025-68387
CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:L/I:L/A:N - CVE-2025-68388
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L - CVE-2025-68389
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H - CVE-2025-68390
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
The CVEs affect different components of the Elastic Stack, as outlined below.
Packetbeat
CVEs: CVE-2025-68381, CVE-2025-68382, CVE-2025-68388
The three CVEs are related to Denial of Service (DoS) attacks to the component itself and significant resource exhaustion.
Filebeat
CVE: CVE-2025-68383
The CVE is based on a Denial of Service (DoS) attack on the Filebeat component
Elasticsearch
CVEs: CVE-2025-68390, CVE-2025-68384
The CVEs are based on persistent Denial of Service (DoS) attacks and excessive resource allocation.
Kibana
CVEs: CVE-2025-68385, CVE-2025-68389, CVE-2025-68386, CVE-2025-68387
The CVEs include Cross Site Scripting (XSS), Improper Authorization and Excessive Resource Allocation.
For a detailed overview of the security issues, including the impact, CVSS score, acknowledgments, and other relevant information, please refer to the links provided in the references section.
For details on how to apply this update, which includes the changes described in this advisory, refer to the NetEye Update Section in the User Guide.
Affected Products
All NetEye 4.x versions >= 4.8.
References
- https://neteye.guide/current/security-policy/bugfix-policy.html#severity-levels
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-36/384184
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-35/384183
- https://discuss.elastic.co/t/kibana-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-34/384182
- https://discuss.elastic.co/t/kibana-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-38/384186
- https://discuss.elastic.co/t/elasticsearch-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-33/384181
- https://discuss.elastic.co/t/filebeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-32/384180
- https://discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-37/384185
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-31/384179
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-30/384178
- https://discuss.elastic.co/t/packetbeat-8-19-9-9-1-9-and-9-2-3-security-update-esa-2025-29/384177
Davide Sbetti
Hi! I'm Davide and I'm a Software Developer with the R&D Team in the "IT System & Service Management Solutions" group here at Würth IT Italy. IT has been a passion for me ever since I was a child, and so the direction of my studies was...never in any doubt! Lately, my interests have focused in particular on data science techniques and the training of machine learning models.
Author
Latest posts by Davide Sbetti
30. 03. 2026
APM, Log Management, Log-SIEM, NetEye
Sending OTel Data to Elasticsearch: Tenant Segregation through OAuth