CNNVD-202511-2815 Information

CNNVD ID

CNNVD-202511-2815

Related CVE

CVE-2025-64761

• CNNVD Published: 2025-11-25

Description (Chinese)

OpenBao是OpenBao开源的一个敏感数据管理软件。 OpenBao 2.4.4之前版本存在安全漏洞，该漏洞源于身份组子系统权限分配不当，可能导致权限提升。

Description (English)

OpenBao is a sensitive data management software for OpenBao open source. There was a security loophole in the previous version of OpenBao 2.4.4, which stemmed from the misallocation of authority in the identity sub-system, which could lead to an increase in authority.

Hazard Level

Medium

Vulnerability Type

其他

Affected Vendor

OpenBao

Published

2025-11-25

Last Modified

2026-02-24

References

https://github.com/openbao/openbao/commit/16bb0ccd37a502930a289d434cbe4e7b4edd66e5 https://github.com/openbao/openbao/pull/2143 https://github.com/openbao/openbao/security/advisories/GHSA-7ff4-jw48-3436

Patch

https://github.com/openbao/openbao/releases