CNNVD-202509-4466 Information

CNNVD ID

CNNVD-202509-4466

Related CVE

CVE-2025-57852

• CNNVD Published: 2025-09-30

Description (Chinese)

Kaseya KServer是美国Kaseya公司的一个管理系统的中心服务器节点。 Kaseya KServer存在安全漏洞，该漏洞源于容器镜像构建时创建了组可写权限的/etc/passwd文件，可能导致权限提升。

Description (English)

Kaseya KServer is the central server node of a United States company, Kaseya. Kaseya KServer has a security loophole, which stems from the creation of a group of writeable/etc/passwd files during container mirror construction, which may lead to an increase in privileges.

Hazard Level

High

Vulnerability Type

其他

Affected Vendor

卡西亚

Published

2025-09-30

Last Modified

2026-02-24

References

https://access.redhat.com/errata/RHSA-2025:16981 https://access.redhat.com/errata/RHSA-2025:16982 https://access.redhat.com/errata/RHSA-2025:16983 https://access.redhat.com/errata/RHSA-2025:16984 https://access.redhat.com/security/cve/CVE-2025-57852 https://bugzilla.redhat.com/show_bug.cgi?id=2391105