CVE-2025-55299
BaseFortify

Publication date: 2025-08-18

Last updated on: 2025-08-18

Assigner: GitHub, Inc.

Description
VaulTLS is a modern solution for managing mTLS (mutual TLS) certificates. Prior to 0.9.1, user accounts created through the User web UI have an empty but not NULL password set; attackers can use this to log in with an empty password. This is combined with the fact that, previously, disabling password-based login only affected the frontend but still allowed login via the API. This vulnerability is fixed in 0.9.1.
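As an added illustration (not VaulTLS's own code), the following Python models the two defects the description names and a hardened variant beside them: a UI-created account that ends up with an empty-but-not-NULL password, and a "disable password login" setting enforced only by the frontend so the API path ignores it. The `User` record, the `hash_password` helper and the flag names are constructed assumptions, not the project's identifiers.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional


def hash_password(pw: str) -> str:
    # Toy stand-in for a real password hash; the point here is the control flow.
    return hashlib.sha256(pw.encode()).hexdigest()


@dataclass
class User:
    name: str
    password_hash: Optional[str]  # None models a NULL column: no password set at all


def create_user_vulnerable(name: str) -> User:
    # Web UI path before 0.9.1 (as modelled): no password is supplied, yet the
    # account still gets a password, the hash of "", instead of NULL.
    return User(name, hash_password(""))


def login_vulnerable(user: User, pw: str, pw_login_disabled: bool, via_api: bool) -> bool:
    # The "disable password login" switch lived in the frontend, so an API caller
    # never hits it, and an empty password matches the stored hash of "".
    if not via_api and pw_login_disabled:
        return False
    if user.password_hash is None:
        return False
    return hmac.compare_digest(user.password_hash, hash_password(pw))


def create_user_fixed(name: str, pw: Optional[str] = None) -> User:
    # Empty or whitespace-only passwords are never stored; the column stays NULL.
    if pw is None or not pw.strip():
        return User(name, None)
    return User(name, hash_password(pw))


def login_fixed(user: User, pw: str, pw_login_disabled: bool, via_api: bool) -> bool:
    # The setting is enforced server-side for every path, UI and API alike.
    if pw_login_disabled:
        return False
    # Reject empty/whitespace input before the stored credential is consulted.
    if not pw.strip() or not user.password_hash:
        return False
    return hmac.compare_digest(user.password_hash, hash_password(pw))
```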
Meta Information
Generated: 2026-05-06
AI Q&A: 2025-08-18
EPSS Evaluated: 2026-05-05
Affected Vendors & Products
Vendor    Product    Version / Range
vaulttls  vaulttls   0.9.1
vaulttls  vaulttls   0.9.0
CWE ID    Description
CWE-521   The product does not require that users should have strong passwords.
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability in VaulTLS versions prior to 0.9.1 allows attackers to log in using an empty password. User accounts created through the User web UI had an empty but non-NULL password set, which could be exploited to authenticate without a valid password. Additionally, disabling password-based login only affected the frontend, while the backend API still permitted login with passwords, enabling attackers to bypass frontend restrictions and gain unauthorized access. The issue was fixed in version 0.9.1 by improving password validation, storage, and login authorization logic. [1, 2]


How can this vulnerability impact me?

This vulnerability can lead to unauthorized access to your VaulTLS system because attackers can log in with empty passwords. This compromises the confidentiality and integrity of your system, allowing attackers to potentially access sensitive data or perform unauthorized actions. The vulnerability has a high impact on confidentiality and integrity, with a low impact on availability. Since the attack vector is network-based and requires no privileges or user interaction, it poses a significant security risk. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability can be detected by checking for user accounts with empty or whitespace-only passwords that allow login via the API. Since the issue involves authentication with empty passwords, you can attempt to authenticate to the VaulTLS API using an empty password for user accounts created through the User web UI. Network monitoring tools can also be used to detect login attempts with empty passwords. Specific commands are not provided in the resources, but a practical approach would be to use API calls or scripts to attempt login with empty passwords and observe if authentication succeeds. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

The immediate and only effective mitigation is to upgrade VaulTLS to version 0.9.1 or later, where the vulnerability is fixed. The fix includes disabling password login for accounts with empty passwords, enforcing password validation, and preventing empty passwords from being accepted or stored. No other workarounds exist. [1]

