CVE-2025-25208 — Vulnetix

Try Vulnetix Request Demo

CVE-2025-25208 PUBLISHED CVSS 5.699999809265137 MEDIUM

A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster

EPSS 0.06% · 19.8th percentile

Risk Scores

CVSS v3.1

5.699999809265137

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

EPSS Score

0.06%

19.8th percentile

Affected Products

Vendor	Product	Versions
Red Hat	Red Hat Connectivity Link 1
		1.0.1, 1.0.1
github.com	kuadrant/authorino	0, 0

Timeline

Jun 9, 2025 CVE Published
Jun 9, 2025 EPSS Score
Jun 9, 2025 Coalition ESS Score
Jun 9, 2025 PoC Published
Jun 10, 2025 CVE Updated
Jun 19, 2025 EPSS Score
Jun 29, 2025 EPSS Score
Jul 9, 2025 EPSS Score
Jul 19, 2025 EPSS Score
Jul 29, 2025 EPSS Score
Aug 8, 2025 EPSS Score
Aug 18, 2025 EPSS Score

References

https://access.redhat.com/security/cve/CVE-2025-25208 vdb
RHBZ#2347436 issue
https://nvd.nist.gov/vuln/detail/CVE-2025-25208 advisory
https://github.com/Kuadrant/authorino package

Open in Interactive Console →