From April 27, 2025 to May 12, 2025, Alibaba Cloud upgrades the deployment architecture of Alibaba Cloud Elasticsearch clusters to fix the Kibana vulnerability CVE-2025-25015. This topic describes the impacts of the upgrade and provides the upgrade schedule.
Impacts
Due to this vulnerability, the processes of Kibana nodes need to be restarted. During the restart, Kibana will be unavailable, but Elasticsearch clusters can still provide services.
Precautions
Take note of the upgrade time of clusters in each region. During the upgrade, we recommend that you do not perform cluster update operations, such as cluster or node restart, cluster configuration upgrade, and cluster configuration downgrade, unless necessary.
Upgrade schedule
Upgrade time (UTC+8) | Region name | Region ID |
17:00 to 21:00 on April 27, 2025 | UK (London) | eu-west-1 |
Germany (Frankfurt) | eu-central-1 | |
US (Virginia) | us-east-1 | |
US (Silicon Valley) | us-west-1 | |
14:00 to 18:00 on April 29, 2025 | Singapore | ap-southeast-1 |
Malaysia (Kuala Lumpur) | ap-southeast-3 | |
Indonesia (Jakarta) | ap-southeast-5 | |
Japan (Tokyo) | ap-northeast-1 | |
South Korea (Seoul) | ap-northeast-2 | |
19:00 on May 6, 2025 to 02:00 on May 7, 2025 | China (Hangzhou) | cn-hangzhou |
China (Shenzhen) | cn-shenzhen | |
China (Hong Kong) | cn-hongkong | |
China (Qingdao) | cn-qingdao | |
China (Chengdu) | cn-chengdu | |
19:00 on May 8, 2025 to 02:00 on May 11, 2025 | China (Beijing) | cn-beijing |
China (Shanghai) | cn-shanghai | |
China (Zhangjiakou) | cn-zhangjiakou | |
China (Guangzhou) | cn-guangzhou | |
China (Ulanqab) | cn-wulanchabu | |
20:00 to 24:00 on May 12, 2025 | China North 2 Ali Gov 1 | cn-north-2-gov-1 |
China East 1 Finance | cn-hangzhou-finance | |
China East 2 Finance | cn-shanghai-finance-1 | |
China North 2 Finance | cn-beijing-finance-1 | |
Wulanchabu HDG ACDR | cn-wulanchabu-acdr-1 |