VDB
CISA-2025-53884
CISA-2025-53884
PUBLISHED
CVSS 5.3 MEDIUM
Reported by suse · Published September 17, 2025
NeuVector stores user passwords and API keys using a simple, unsalted hash. This method is vulnerable to rainbow table attack (offline attack where hashes of known passwords are precomputed).
Risk Scores
CVSS 3.1
5.3
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| SUSE | neuvector | 5.0.0 |
| SUSE | neuvector | 5.0.0, 5.0.0 |
Timeline
- Sep 17, 2025 CVE Published
- Sep 17, 2025 CVE Updated