Incorrect Authorization Vulnerability in Elastic Defend by Elastic
CVE-2026-56152

5.3 MEDIUM

Key Information:

Vendor: Elastic

CVE Published: 1 July 2026

What is CVE-2026-56152?

An incorrect authorization vulnerability exists in Elastic Defend that may allow low-privileged authenticated users to access sensitive response action data. This issue arises from functionality not being properly constrained by access control lists (ACLs). As a result, users might exploit this flaw to gain visibility into information they are not entitled to, potentially leading to security breaches and data leaks.

Affected Version(s)

Elastic Defend 9.3.0 <= 9.3.1

Elastic Defend 8.6.0 <= 8.19.12

Elastic Defend 9.0.0 <= 9.2.6

CVSS V3.1

Score: 5.3
Severity: MEDIUM
Confidentiality: High
Integrity: None
Availability: High
Attack Vector: Network
Attack Complexity: High
Privileges Required: Low
User Interaction: None
Scope: Unchanged
