CVE-2025-9276
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-09-02

Last updated on: 2025-09-04

Assigner: Zero Day Initiative

Description
Cockroach Labs cockroach-k8s-request-cert Empty Root Password Authentication Bypass Vulnerability. This vulnerability could allow remote attackers to bypass authentication on systems that use the affected version of the Cockroach Labs cockroach-k8s-request-cert container image. The specific flaw exists within the configuration of the system shadow file. The issue results from a blank password setting for the root user. An attacker can leverage this vulnerability to bypass authentication on the system. Was ZDI-CAN-22195.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-09-02
Last Modified
2025-09-04
Generated
2026-06-19
AI Q&A
2025-09-02
EPSS Evaluated
2026-06-18
NVD
CVE-2025-9276
EUVD
EUVD-2025-26436
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
cockroach_labs cockroach-k8s-request-cert 3.0
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-258 Using an empty string as a password is insecure.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

CVE-2025-9276 is a critical authentication bypass vulnerability in the Cockroach Labs cockroach-k8s-request-cert container image. The vulnerability is caused by a misconfiguration in the system shadow file where the root user has a blank password. This flaw allows remote attackers to bypass authentication entirely, gaining unauthorized access to the system. [1]

Impact Analysis

This vulnerability can have severe impacts as it allows remote attackers to bypass authentication without any credentials. An attacker exploiting this flaw can gain full control over the affected system, compromising confidentiality, integrity, and availability of data and services. [1]

Detection Guidance

You can detect this vulnerability by checking the system shadow file inside the cockroach-k8s-request-cert container image for a blank password entry for the root user. For example, running the command `grep '^root::' /etc/shadow` inside the container can reveal if the root password field is empty, indicating the vulnerability. [1]

Mitigation Strategies

The immediate mitigation step is to update or discontinue use of the affected cockroach-k8s-request-cert container image, as no other mitigations are indicated. [1]

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-9276. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart