CVE-2025-25208

Published: Jun 9, 2025Modified: Jun 9, 2025

5.7

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:N/I:N/A:H

Exploitability: 2.1 / Impact: 3.6

Source: secalert@redhat.com (Secondary)

Description

A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster

Related CWEs

Uncontrolled Resource Consumption

The product does not properly control the allocation and maintenance of a limited resource, thereby enabling an actor to influence the amount of resources consumed, eventually leading to the exhaustion of available resources.

References (2)

https://access.redhat.com/security/cve/CVE-2025-25208

Source: secalert@redhat.com

https://bugzilla.redhat.com/show_bug.cgi?id=2347436

Source: secalert@redhat.com

Timeline

No history available yet.