CNNVD-202510-3358 Information

CNNVD ID

CNNVD-202510-3358

Related CVE

CVE-2025-62714

• CNNVD Published: 2025-10-25

Description (Chinese)

Karmada Dashboard是karmada-io开源的一个Web用户界面。 Karmada Dashboard 0.2.0之前版本存在安全漏洞，该漏洞源于后端API端点未强制执行身份验证，可能导致未经身份验证的用户访问敏感集群信息。

Description (English)

Karmada Dashboard is a Web interface for Karmada-io open source. Prior to Karmada Dashboard 0.2.0, there was a security loophole, which stemmed from the lack of enforcement of authentication at the back end of the API endpoint, which could result in uncertified users accessing sensitive cluster information.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

karmada-io

Published

2025-10-25

Last Modified

2026-02-24

References

https://access.redhat.com/security/cve/cve-2025-62714

Patch

https://github.com/karmada-io/dashboard/releases