Search criteria
16 vulnerabilities found for neuvector by SUSE
CVE-2025-54471 (GCVE-0-2025-54471)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:45 – Updated: 2025-10-30 13:59
VLAI?
Title
NeuVector is shipping cryptographic material into its binary
Summary
NeuVector used a hard-coded cryptographic key embedded in the source
code. At compilation time, the key value was replaced with the secret
key value and used to encrypt sensitive configurations when NeuVector
stores the data.
Severity ?
6.5 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54471",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T13:59:48.001541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T13:59:54.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data.\u003cbr\u003e"
}
],
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:45:56.931Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54471"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-h773-7gf7-9m2x"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector is shipping cryptographic material into its binary",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54471",
"datePublished": "2025-10-30T09:45:56.931Z",
"dateReserved": "2025-07-23T08:11:16.426Z",
"dateUpdated": "2025-10-30T13:59:54.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54469 (GCVE-0-2025-54469)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:41 – Updated: 2025-10-31 03:55
VLAI?
Title
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Summary
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.
The entry process of the enforcer container is the monitor
process. When the enforcer container stops, the monitor process checks
whether the consul subprocess has exited. To perform this check, the
monitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.
The values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT
are used directly to compose shell commands via popen without
validation or sanitization. This behavior could allow a malicious user
to inject malicious commands through these variables within the enforcer
container.
Severity ?
9.9 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:27.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability was identified in NeuVector, where the enforcer used environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e to generate a command to be executed via \u003ccode\u003epopen\u003c/code\u003e, without first sanitising their values.\u003c/p\u003e\n\u003cp\u003eThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the \u003ccode\u003epopen\u003c/code\u003e function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\u003c/p\u003e\n\u003cp\u003eThe values of environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container.\u003c/p\u003e"
}
],
"value": "A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.\n\n\nThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\n\n\nThe values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:44:09.453Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54469"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-c8g6-qrwh-m3vp"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54469",
"datePublished": "2025-10-30T09:41:57.086Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-31T03:55:27.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54470 (GCVE-0-2025-54470)
Vulnerability from cvelistv5 – Published: 2025-10-30 09:38 – Updated: 2025-10-30 14:01
VLAI?
Title
NeuVector telemetry sender is vulnerable to MITM and DoS
Summary
This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.
In affected versions, NeuVector does not enforce TLS
certificate verification when transmitting anonymous cluster data to the
telemetry server. As a result, the communication channel is susceptible
to man-in-the-middle (MITM) attacks, where an attacker could intercept
or modify the transmitted data. Additionally, NeuVector loads the
response of the telemetry server is loaded into memory without size
limitation, which makes it vulnerable to a Denial of Service(DoS)
attack
Severity ?
8.6 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T14:00:57.006132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T14:01:08.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "https://github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis vulnerability affects NeuVector deployments only when the \u003ccode\u003eReport anonymous cluster data option\u003c/code\u003e is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\u003c/p\u003e\n\u003cp\u003eIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack\u003c/p\u003e"
}
],
"value": "This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\n\n\nIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:38:58.261Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector telemetry sender is vulnerable to MITM and DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54470",
"datePublished": "2025-10-30T09:38:58.261Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-30T14:01:08.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8077 (GCVE-0-2025-8077)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:33 – Updated: 2025-09-18 03:55
VLAI?
Title
NeuVector admin account has insecure default password
Summary
A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.
Severity ?
9.8 (Critical)
CWE
- CWE-1393 - Use of Default Password
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T03:55:12.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393: Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:33:37.904Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-8077"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8pxw-9c75-6w56"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector admin account has insecure default password",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-8077",
"datePublished": "2025-09-17T12:33:37.904Z",
"dateReserved": "2025-07-23T08:11:06.216Z",
"dateUpdated": "2025-09-18T03:55:12.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54467 (GCVE-0-2025-54467)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:29 – Updated: 2025-09-17 13:19
VLAI?
Title
NeuVector process with sensitive arguments lead to leakage
Summary
When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will appear in the NeuVector security event log.
Severity ?
5.3 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:19:50.489206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:19:59.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u0026nbsp;appear in the NeuVector security event log."
}
],
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u00a0appear in the NeuVector security event log."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:32:01.726Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54467"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-w54x-xfxg-4gxq"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector process with sensitive arguments lead to leakage",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54467",
"datePublished": "2025-09-17T12:29:36.480Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-09-17T13:19:59.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53884 (GCVE-0-2025-53884)
Vulnerability from cvelistv5 – Published: 2025-09-17 12:27 – Updated: 2025-09-17 13:24
VLAI?
Title
NeuVector has an insecure password storage vulnerable to rainbow attack
Summary
NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).
Severity ?
5.3 (Medium)
CWE
- CWE-759 - Use of a One-Way Hash without a Salt
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:23:56.456330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:24:19.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-26T16:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-759",
"description": "CWE-759: Use of a One-Way Hash without a Salt",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:27:03.128Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53884"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8ff6-pc43-jwv3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector has an insecure password storage vulnerable to rainbow attack",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53884",
"datePublished": "2025-09-17T12:27:03.128Z",
"dateReserved": "2025-07-11T10:53:52.682Z",
"dateUpdated": "2025-09-17T13:24:19.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32188 (GCVE-0-2023-32188)
Vulnerability from cvelistv5 – Published: 2024-10-16 08:25 – Updated: 2024-10-16 17:25
VLAI?
Title
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
Summary
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.
Severity ?
CWE
- CWE-1270 - Generation of Incorrect Security Tokens
Assigner
References
Impacted products
Credits
Dejan Zelic at Offensive Security
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:neuvector:neuvector:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "neuvector",
"vendor": "neuvector",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T16:27:04.384960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T17:25:54.710Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dejan Zelic at Offensive Security"
}
],
"datePublic": "2023-10-06T18:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270 Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T08:25:59.699Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "JWT token compromise can allow malicious actions including Remote Code Execution (RCE)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2023-32188",
"datePublished": "2024-10-16T08:25:59.699Z",
"dateReserved": "2023-05-04T08:30:59.321Z",
"dateUpdated": "2024-10-16T17:25:54.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22644 (GCVE-0-2023-22644)
Vulnerability from cvelistv5 – Published: 2023-09-20 08:12 – Updated: 2025-04-07 17:19
VLAI?
Title
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
Summary
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.
Severity ?
CWE
- CWE-1270 - Generation of Incorrect Security Tokens
Assigner
References
Impacted products
Credits
Dejan Zelic at Offensive Security
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22644"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T17:18:53.805900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T17:19:01.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dejan Zelic at Offensive Security"
}
],
"datePublic": "2023-10-06T18:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270: Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T13:15:32.628Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "JWT token compromise can allow malicious actions including Remote Code Execution (RCE)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2023-22644",
"datePublished": "2023-09-20T08:12:34.130Z",
"dateReserved": "2023-01-05T10:40:08.605Z",
"dateUpdated": "2025-04-07T17:19:01.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54471 (GCVE-0-2025-54471)
Vulnerability from nvd – Published: 2025-10-30 09:45 – Updated: 2025-10-30 13:59
VLAI?
Title
NeuVector is shipping cryptographic material into its binary
Summary
NeuVector used a hard-coded cryptographic key embedded in the source
code. At compilation time, the key value was replaced with the secret
key value and used to encrypt sensitive configurations when NeuVector
stores the data.
Severity ?
6.5 (Medium)
CWE
- CWE-321 - Use of Hard-coded Cryptographic Key
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54471",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T13:59:48.001541Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T13:59:54.426Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:26:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data.\u003cbr\u003e"
}
],
"value": "NeuVector used a hard-coded cryptographic key embedded in the source \ncode. At compilation time, the key value was replaced with the secret \nkey value and used to encrypt sensitive configurations when NeuVector \nstores the data."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-321",
"description": "CWE-321: Use of Hard-coded Cryptographic Key",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:45:56.931Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54471"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-h773-7gf7-9m2x"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector is shipping cryptographic material into its binary",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54471",
"datePublished": "2025-10-30T09:45:56.931Z",
"dateReserved": "2025-07-23T08:11:16.426Z",
"dateUpdated": "2025-10-30T13:59:54.426Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54469 (GCVE-0-2025-54469)
Vulnerability from nvd – Published: 2025-10-30 09:41 – Updated: 2025-10-31 03:55
VLAI?
Title
NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow
Summary
A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.
The entry process of the enforcer container is the monitor
process. When the enforcer container stops, the monitor process checks
whether the consul subprocess has exited. To perform this check, the
monitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.
The values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT
are used directly to compose shell commands via popen without
validation or sanitization. This behavior could allow a malicious user
to inject malicious commands through these variables within the enforcer
container.
Severity ?
9.9 (Critical)
CWE
- CWE-78 - Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection')
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54469",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-31T03:55:27.162Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eA vulnerability was identified in NeuVector, where the enforcer used environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e to generate a command to be executed via \u003ccode\u003epopen\u003c/code\u003e, without first sanitising their values.\u003c/p\u003e\n\u003cp\u003eThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the \u003ccode\u003epopen\u003c/code\u003e function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\u003c/p\u003e\n\u003cp\u003eThe values of environment variables \u003ccode\u003eCLUSTER_RPC_PORT\u003c/code\u003e and \u003ccode\u003eCLUSTER_LAN_PORT\u003c/code\u003e\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container.\u003c/p\u003e"
}
],
"value": "A vulnerability was identified in NeuVector, where the enforcer used environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT to generate a command to be executed via popen, without first sanitising their values.\n\n\nThe entry process of the enforcer container is the monitor\n process. When the enforcer container stops, the monitor process checks \nwhether the consul subprocess has exited. To perform this check, the \nmonitor process uses the popen function to execute a shell command that determines whether the ports used by the consul subprocess are still active.\n\n\nThe values of environment variables CLUSTER_RPC_PORT and CLUSTER_LAN_PORT\n are used directly to compose shell commands via popen without \nvalidation or sanitization. This behavior could allow a malicious user \nto inject malicious commands through these variables within the enforcer\n container."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.9,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-78",
"description": "CWE-78: Improper Neutralization of Special Elements used in an OS Command (\u0027OS Command Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:44:09.453Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54469"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-c8g6-qrwh-m3vp"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector Enforcer is vulnerable to Command Injection and Buffer overflow",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54469",
"datePublished": "2025-10-30T09:41:57.086Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-31T03:55:27.162Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-54470 (GCVE-0-2025-54470)
Vulnerability from nvd – Published: 2025-10-30 09:38 – Updated: 2025-10-30 14:01
VLAI?
Title
NeuVector telemetry sender is vulnerable to MITM and DoS
Summary
This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.
In affected versions, NeuVector does not enforce TLS
certificate verification when transmitting anonymous cluster data to the
telemetry server. As a result, the communication channel is susceptible
to man-in-the-middle (MITM) attacks, where an attacker could intercept
or modify the transmitted data. Additionally, NeuVector loads the
response of the telemetry server is loaded into memory without size
limitation, which makes it vulnerable to a Denial of Service(DoS)
attack
Severity ?
8.6 (High)
CWE
- CWE-295 - Improper Certificate Validation
Assigner
References
Impacted products
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54470",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-10-30T14:00:57.006132Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T14:01:08.513Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "https://github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.3.5",
"status": "affected",
"version": "5.3.0",
"versionType": "semver"
},
{
"lessThan": "5.4.7",
"status": "affected",
"version": "5.4.0",
"versionType": "semver"
},
{
"lessThan": "0.0.0-20251020133207-084a437033b4",
"status": "affected",
"version": "0.0.0-20230727023453-1c4957d53911",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-10-21T18:25:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cp\u003eThis vulnerability affects NeuVector deployments only when the \u003ccode\u003eReport anonymous cluster data option\u003c/code\u003e is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\u003c/p\u003e\n\u003cp\u003eIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack\u003c/p\u003e"
}
],
"value": "This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server.\n\n\nIn affected versions, NeuVector does not enforce TLS \ncertificate verification when transmitting anonymous cluster data to the\n telemetry server. As a result, the communication channel is susceptible\n to man-in-the-middle (MITM) attacks, where an attacker could intercept \nor modify the transmitted data. Additionally, NeuVector loads the \nresponse of the telemetry server is loaded into memory without size \nlimitation, which makes it vulnerable to a Denial of Service(DoS) \nattack"
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.6,
"baseSeverity": "HIGH",
"confidentialityImpact": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-295",
"description": "CWE-295: Improper Certificate Validation",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-10-30T09:38:58.261Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector telemetry sender is vulnerable to MITM and DoS",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54470",
"datePublished": "2025-10-30T09:38:58.261Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-10-30T14:01:08.513Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.2"
}
CVE-2025-8077 (GCVE-0-2025-8077)
Vulnerability from nvd – Published: 2025-09-17 12:33 – Updated: 2025-09-18 03:55
VLAI?
Title
NeuVector admin account has insecure default password
Summary
A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.
Severity ?
9.8 (Critical)
CWE
- CWE-1393 - Use of Default Password
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-8077",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T00:00:00+00:00",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-18T03:55:12.546Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"value": "A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1393",
"description": "CWE-1393: Use of Default Password",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:33:37.904Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-8077"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8pxw-9c75-6w56"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector admin account has insecure default password",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-8077",
"datePublished": "2025-09-17T12:33:37.904Z",
"dateReserved": "2025-07-23T08:11:06.216Z",
"dateUpdated": "2025-09-18T03:55:12.546Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-54467 (GCVE-0-2025-54467)
Vulnerability from nvd – Published: 2025-09-17 12:29 – Updated: 2025-09-17 13:19
VLAI?
Title
NeuVector process with sensitive arguments lead to leakage
Summary
When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will appear in the NeuVector security event log.
Severity ?
5.3 (Medium)
CWE
- CWE-522 - Insufficiently Protected Credentials
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-54467",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:19:50.489206Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:19:59.410Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-28T11:33:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u0026nbsp;appear in the NeuVector security event log."
}
],
"value": "When a Java command with password parameters is executed and terminated by NeuVector for Process rule violation the password will\u00a0appear in the NeuVector security event log."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-522",
"description": "CWE-522: Insufficiently Protected Credentials",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:32:01.726Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54467"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-w54x-xfxg-4gxq"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector process with sensitive arguments lead to leakage",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-54467",
"datePublished": "2025-09-17T12:29:36.480Z",
"dateReserved": "2025-07-23T08:11:16.425Z",
"dateUpdated": "2025-09-17T13:19:59.410Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2025-53884 (GCVE-0-2025-53884)
Vulnerability from nvd – Published: 2025-09-17 12:27 – Updated: 2025-09-17 13:24
VLAI?
Title
NeuVector has an insecure password storage vulnerable to rainbow attack
Summary
NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).
Severity ?
5.3 (Medium)
CWE
- CWE-759 - Use of a One-Way Hash without a Salt
Assigner
References
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-53884",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "yes"
},
{
"Technical Impact": "partial"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-09-17T13:23:56.456330Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T13:24:19.979Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "5.4.6",
"status": "affected",
"version": "5.0.0",
"versionType": "semver"
}
]
}
],
"datePublic": "2025-08-26T16:18:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"value": "NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed)."
}
],
"metrics": [
{
"cvssV3_1": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.1"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-759",
"description": "CWE-759: Use of a One-Way Hash without a Salt",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-09-17T12:27:03.128Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-53884"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-8ff6-pc43-jwv3"
}
],
"source": {
"discovery": "UNKNOWN"
},
"title": "NeuVector has an insecure password storage vulnerable to rainbow attack",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2025-53884",
"datePublished": "2025-09-17T12:27:03.128Z",
"dateReserved": "2025-07-11T10:53:52.682Z",
"dateUpdated": "2025-09-17T13:24:19.979Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-32188 (GCVE-0-2023-32188)
Vulnerability from nvd – Published: 2024-10-16 08:25 – Updated: 2024-10-16 17:25
VLAI?
Title
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
Summary
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.
Severity ?
CWE
- CWE-1270 - Generation of Incorrect Security Tokens
Assigner
References
Impacted products
Credits
Dejan Zelic at Offensive Security
{
"containers": {
"adp": [
{
"affected": [
{
"cpes": [
"cpe:2.3:a:neuvector:neuvector:*:*:*:*:*:*:*:*"
],
"defaultStatus": "unknown",
"product": "neuvector",
"vendor": "neuvector",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-32188",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2024-10-16T16:27:04.384960Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T17:25:54.710Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dejan Zelic at Offensive Security"
}
],
"datePublic": "2023-10-06T18:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270 Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-16T08:25:59.699Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "JWT token compromise can allow malicious actions including Remote Code Execution (RCE)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2023-32188",
"datePublished": "2024-10-16T08:25:59.699Z",
"dateReserved": "2023-05-04T08:30:59.321Z",
"dateUpdated": "2024-10-16T17:25:54.710Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
CVE-2023-22644 (GCVE-0-2023-22644)
Vulnerability from nvd – Published: 2023-09-20 08:12 – Updated: 2025-04-07 17:19
VLAI?
Title
JWT token compromise can allow malicious actions including Remote Code Execution (RCE)
Summary
A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE.
Severity ?
CWE
- CWE-1270 - Generation of Incorrect Security Tokens
Assigner
References
Impacted products
Credits
Dejan Zelic at Offensive Security
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-02T10:13:49.392Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-22644"
}
],
"title": "CVE Program Container"
},
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2023-22644",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-04-07T17:18:53.805900Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"providerMetadata": {
"dateUpdated": "2025-04-07T17:19:01.804Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"packageName": "github.com/neuvector/neuvector",
"product": "neuvector",
"vendor": "SUSE",
"versions": [
{
"lessThan": "0.0.0-20231003121714-be746957ee7c",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"credits": [
{
"lang": "en",
"type": "finder",
"value": "Dejan Zelic at Offensive Security"
}
],
"datePublic": "2023-10-06T18:43:00.000Z",
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"value": "A user can reverse engineer the JWT token (JSON Web Token) used in authentication for Manager and API access, forging a valid NeuVector Token to perform malicious activity in NeuVector. This can lead to an RCE."
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NOT_DEFINED",
"Recovery": "NOT_DEFINED",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 9.4,
"baseSeverity": "CRITICAL",
"privilegesRequired": "LOW",
"providerUrgency": "NOT_DEFINED",
"subAvailabilityImpact": "HIGH",
"subConfidentialityImpact": "HIGH",
"subIntegrityImpact": "HIGH",
"userInteraction": "NONE",
"valueDensity": "NOT_DEFINED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "NOT_DEFINED"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-1270",
"description": "CWE-1270: Generation of Incorrect Security Tokens",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-10-15T13:15:32.628Z",
"orgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"shortName": "suse"
},
"references": [
{
"url": "https://bugzilla.suse.com/show_bug.cgi?id=CVE-2023-32188"
},
{
"url": "https://github.com/neuvector/neuvector/security/advisories/GHSA-622h-h2p8-743x"
}
],
"source": {
"discovery": "EXTERNAL"
},
"title": "JWT token compromise can allow malicious actions including Remote Code Execution (RCE)",
"x_generator": {
"engine": "Vulnogram 0.1.0-dev"
}
}
},
"cveMetadata": {
"assignerOrgId": "404e59f5-483d-4b8a-8e7a-e67604dd8afb",
"assignerShortName": "suse",
"cveId": "CVE-2023-22644",
"datePublished": "2023-09-20T08:12:34.130Z",
"dateReserved": "2023-01-05T10:40:08.605Z",
"dateUpdated": "2025-04-07T17:19:01.804Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}