CVE-2025-25208
Awaiting Analysis - Queue
BaseFortify

Publication date: 2025-06-09

Last updated on: 2025-06-09

Assigner: Red Hat, Inc.

Description
A Developer persona can bring down the Authorino service, preventing the evaluation of all AuthPolicies on the cluster.
Meta Information
Published: 2025-06-09
Last Modified: 2025-06-09
Generated: 2026-05-07
AI Q&A: 2025-06-09
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Currently, no data is known.
CWE ID: CWE-400
Description: The product does not properly control the allocation and maintenance of a limited resource.
AI Powered Q&A
Can you explain this vulnerability to me?

CVE-2025-25208 is a medium severity denial of service (DoS) vulnerability in Authorino, where a developer can exploit AuthPolicy configurations using the sharedSecretRef parameter to crash or make the Authorino service unavailable. This stops the evaluation of all authorization policies on the cluster. [1]


How can this vulnerability impact me?

This vulnerability can cause the Authorino service to crash or become unavailable, preventing the evaluation of all authorization policies on the cluster. As a result, authorization services are denied, potentially disrupting access control and service availability. [1]

