CVE-2025-58712
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-22

Last updated on: 2026-03-07

Assigner: Red Hat, Inc.

Description
A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-22
Last Modified
2026-03-07
Generated
2026-05-07
AI Q&A
2025-10-22
EPSS Evaluated
2026-05-05
NVD
CVE-2025-58712
Affected Vendors & Products
Showing 4 associated CPEs
Vendor Product Version / Range
redhat amq_broker_init_rhel9 *
redhat amq_broker 7.13.2.opr.1.ga
redhat amq_broker 7.13.2
redhat amq_broker_rhel9 *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-276 During installation, installed file permissions are set to allow anyone to modify those files.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability is a container privilege escalation flaw found in certain AMQ Broker container images. It occurs because the /etc/passwd file is created with group-writable permissions during build time. An attacker who can execute commands inside the affected container, even as a non-root user, and who is a member of the root group, can modify the /etc/passwd file. This allows the attacker to add a new user with any user ID, including UID 0 (root), thereby gaining full root privileges within the container. [1, 2]


How can this vulnerability impact me? :

This vulnerability can allow an attacker with limited access inside a container to escalate their privileges to full root access within that container. This means the attacker could perform any action as the root user inside the container, potentially compromising the container's security, accessing sensitive data, or disrupting services running inside the container. [1, 2]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking the permissions of the /etc/passwd file inside the affected AMQ Broker containers. Specifically, look for group-writable permissions on /etc/passwd. For example, run the command: ls -l /etc/passwd inside the container and verify if the group permissions include write access (e.g., -rw-rw-r--). Additionally, verify if the container image version is prior to the fixed version 7.13.2.OPR.1.GA. No network detection commands are provided in the resources. [1, 2]


What immediate steps should I take to mitigate this vulnerability?

The immediate mitigation step is to update the affected AMQ Broker container images to the latest fixed version 7.13.2.OPR.1.GA available in the Red Hat Container catalog. This update addresses the excessive group-writable permissions on /etc/passwd and other related security issues. Avoid running containers with excessive permissions and restrict command execution capabilities within containers where possible. [1, 2]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart