CVE-2025-59303
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-08

Last updated on: 2025-10-08

Assigner: MITRE

Description
HAProxy Kubernetes Ingress Controller before 3.1.13, when the config-snippets feature flag is used, accepts config snippets from users with create/update permissions. This can result in obtaining an ingress token secret as a response. The fixed versions of HAProxy Enterprise Kubernetes Ingress Controller are 3.0.16-ee1, 1.11.13-ee1, and 1.9.15-ee1.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-08
Last Modified
2025-10-08
Generated
2026-06-16
AI Q&A
2025-10-08
EPSS Evaluated
2026-06-15
NVD
CVE-2025-59303
EUVD
EUVD-2025-33296
Affected Vendors & Products
Showing 5 associated CPEs
Vendor Product Version / Range
haproxy haproxy_kubernetes_ingress_controller 1.11.13-ee1
haproxy haproxy_kubernetes_ingress_controller 3.1.13
haproxy haproxy_kubernetes_ingress_controller 1.9.15-ee1
haproxy haproxy_kubernetes_ingress_controller 3.0.16-ee1
haproxy haproxy_kubernetes_ingress_controller *
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-791 The product receives data from an upstream component, but does not completely filter special elements before sending it to a downstream component.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability exists in HAProxy Kubernetes Ingress Controller versions before 3.1.13 when the config-snippets feature flag is enabled. It allows users with create or update permissions to submit configuration snippets that can lead to obtaining an ingress token secret as a response.

Impact Analysis

An attacker with create or update permissions can exploit this vulnerability to obtain an ingress token secret, potentially allowing unauthorized access or control over ingress resources, which can lead to information disclosure and compromise of the Kubernetes environment.

Mitigation Strategies

To mitigate this vulnerability, upgrade the HAProxy Kubernetes Ingress Controller to one of the fixed versions: 3.0.16-ee1, 1.11.13-ee1, or 1.9.15-ee1. Additionally, review and restrict permissions related to the config-snippets feature flag to prevent unauthorized users with create/update permissions from injecting config snippets.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-59303. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart