VDB

CISA-2025-53884

CISA-2025-53884 PUBLISHED CVSS 5.3 MEDIUM

Reported by suse · Published September 17, 2025

NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).

Risk Scores

CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

Affected Products

VendorProductVersions
SUSEneuvector5.0.0
SUSEneuvector5.0.0, 5.0.0

Timeline

  • Sep 17, 2025 CVE Published
  • Sep 17, 2025 CVE Updated

References

Open in Interactive Console →
$ Console Community · 100/wk Open console ›