FKIE_CVE-2025-22241

Vulnerability from fkie_nvd - Published: 2025-06-13 07:15 - Updated: 2025-06-17 18:15
Severity ?
5.6 (Medium) - CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N
Summary
File contents overwrite the VirtKey class is called when “on-demand pillar” data is requested and uses un-validated input to create paths to the “pki directory”. The functionality is used to auto-accept Minion authentication keys based on a pre-placed “authorization file” at a specific location and is present in the default configuration.
References
security@vmware.comhttps://docs.saltproject.io/en/3006/topics/releases/3006.12.html
security@vmware.comhttps://docs.saltproject.io/en/3007/topics/releases/3007.4.html
Impacted products
Vendor Product Version
To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "File contents overwrite the VirtKey class is called when \u201con-demand pillar\u201d data is requested and uses un-validated input to create paths to the \u201cpki directory\u201d. The functionality is used to auto-accept Minion authentication keys based on a pre-placed \u201cauthorization file\u201d at a specific location and is present in the default configuration."
    },
    {
      "lang": "es",
      "value": "El contenido del archivo sobrescribe la clase VirtKey, que se invoca cuando se solicitan datos del pilar bajo demanda y utiliza datos no validados para crear rutas al directorio PKI. Esta funci\u00f3n se utiliza para aceptar autom\u00e1ticamente las claves de autenticaci\u00f3n de Minion bas\u00e1ndose en un archivo de autorizaci\u00f3n preinstalado en una ubicaci\u00f3n espec\u00edfica y est\u00e1 presente en la configuraci\u00f3n predeterminada."
    }
  ],
  "id": "CVE-2025-22241",
  "lastModified": "2025-06-17T18:15:25.043",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "LOCAL",
          "availabilityImpact": "NONE",
          "baseScore": 5.6,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "HIGH",
          "scope": "UNCHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:N",
          "version": "3.1"
        },
        "exploitabilityScore": 0.3,
        "impactScore": 5.2,
        "source": "security@vmware.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-13T07:15:21.567",
  "references": [
    {
      "source": "security@vmware.com",
      "url": "https://docs.saltproject.io/en/3006/topics/releases/3006.12.html"
    },
    {
      "source": "security@vmware.com",
      "url": "https://docs.saltproject.io/en/3007/topics/releases/3007.4.html"
    }
  ],
  "sourceIdentifier": "security@vmware.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-22"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.