CNNVD-202508-806 Information
Aug 09, 2025
cve
CNNVD ID
CNNVD-202508-806
Related CVE
- CNNVD Published: 2025-08-09
Description (Chinese)
OpenBao是OpenBao开源的一个敏感数据管理软件。 OpenBao 2.3.1及之前版本存在安全漏洞,该漏洞源于高权限身份实体系统可提升至根策略,可能导致权限提升。
Description (English)
OpenBao is a sensitive data management software for OpenBao open source. OpenBao 2.3.1 and previous versions have a security loophole, which stems from the fact that the high-authority identity entity system can be raised to its root strategy, which may lead to an increase in authority.
Hazard Level
Medium
Vulnerability Type
其他
Affected Vendor
OpenBao
Published
2025-08-09
Last Modified
2026-02-24
References
https://github.com/openbao/openbao/pull/1627 https://github.com/openbao/openbao/security/advisories/GHSA-vf84-mxrq-crqc https://github.com/openbao/openbao/releases/tag/v2.3.2 https://access.redhat.com/security/cve/cve-2025-54996
Patch
https://github.com/openbao/openbao/releases
Share on: