CVE-2025-37731: Elasticsearch PKI Realm Authentication Bypass Vulnerability Allows User Impersonation Through Crafted Client Certificates
(updated )
Improper Authentication in Elasticsearch PKI realm can lead to user impersonation via specially crafted client certificates. A malicious actor would need to have such a crafted client certificate signed by a legitimate, trusted Certificate Authority.
References
- discuss.elastic.co/t/elasticsearch-8-19-8-9-1-8-and-9-2-2-security-update-esa-2025-27/384063
- github.com/advisories/GHSA-m9gh-789g-q5pv
- github.com/elastic/elasticsearch
- github.com/elastic/elasticsearch/commit/cd97b8566bf56e628070021300784cb9cee0286f
- github.com/elastic/elasticsearch/commit/d8a408da79f214395845d99d241e832077045983
- github.com/elastic/elasticsearch/commit/e519fe4c51a3c887675eb7daea2f914738847f23
- nvd.nist.gov/vuln/detail/CVE-2025-37731
Code Behaviors & Features
Detect and mitigate CVE-2025-37731 with GitLab Dependency Scanning
Secure your software supply chain by verifying that all open source dependencies used in your projects contain no disclosed vulnerabilities. Learn more about Dependency Scanning →