CVE-2025-49825
BaseFortify
Publication date: 2025-06-17
Last updated on: 2025-06-18
Assigner: GitHub, Inc.
Description
Description
CVSS Scores
EPSS Scores
| Probability: | |
| Percentile: |
Meta Information
Affected Vendors & Products
Helpful Resources
Exploitability
| CWE ID | Description |
|---|---|
| CWE-863 | The product performs an authorization check when an actor attempts to access a resource or perform an action, but it does not correctly perform the check. |
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?
This vulnerability is a remote authentication bypass in Teleport Community Edition versions up to 17.5.1. It allows an attacker to bypass authentication remotely, potentially gaining unauthorized access to the system.
How can this vulnerability impact me? :
The vulnerability can lead to unauthorized remote access with full confidentiality, integrity, and availability impact, meaning attackers could fully compromise the affected system.
What immediate steps should I take to mitigate this vulnerability?
Since there is no available open-source patch for this remote authentication bypass vulnerability in Teleport Community Edition versions before and including 17.5.1, immediate mitigation steps include restricting network access to Teleport services, implementing additional authentication controls where possible, monitoring for suspicious access attempts, and planning to upgrade to a patched version once available.