{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-32803", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "state": "PUBLISHED", "assignerShortName": "isc", "dateReserved": "2025-04-10T12:51:45.056Z", "datePublished": "2025-05-28T17:08:20.769Z", "dateUpdated": "2025-05-28T17:28:58.513Z"}, "containers": {"cna": {"providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2025-05-28T17:08:20.769Z"}, "title": "Insecure file permissions can result in confidential information leakage", "datePublic": "2025-05-28T00:00:00.000Z", "affected": [{"vendor": "ISC", "product": "Kea", "versions": [{"version": "2.4.0", "lessThanOrEqual": "2.4.1", "status": "affected", "versionType": "custom"}, {"version": "2.6.0", "lessThanOrEqual": "2.6.2", "status": "affected", "versionType": "custom"}, {"version": "2.7.0", "lessThanOrEqual": "2.7.8", "status": "affected", "versionType": "custom"}], "defaultStatus": "unaffected"}], "metrics": [{"cvssV3_1": {"version": "3.1", "attackVector": "LOCAL", "attackComplexity": "LOW", "privilegesRequired": "NONE", "userInteraction": "NONE", "scope": "UNCHANGED", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "availabilityImpact": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "baseScore": 4, "baseSeverity": "MEDIUM"}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "descriptions": [{"lang": "en", "value": "In some cases, Kea log files or lease files may be world-readable.\nThis issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8."}], "impacts": [{"descriptions": [{"lang": "en", "value": "If an attacker has access to a local unprivileged user account, they would be able to read the logs and/or lease information. This might disclose details about DHCP clients (MAC addresses, hostnames, IP addresses, configuration details, and so on), or about Kea itself."}]}], "workarounds": [{"lang": "en", "value": "It is possible to work around this problem by ensuring that the directories that contain the logs and lease files are only accessible to trusted users."}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of Kea: 2.4.2, 2.6.3, or 2.7.9."}], "credits": [{"lang": "en", "value": "ISC would like to thank Matthias Gerstner from the SUSE security team for bringing this vulnerability to our attention."}], "references": [{"url": "https://kb.isc.org/docs/cve-2025-32803", "name": "CVE-2025-32803", "tags": ["vendor-advisory"]}], "source": {"discovery": "EXTERNAL"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-05-28T17:28:47.543925Z", "id": "CVE-2025-32803", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-28T17:28:58.513Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-32803", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-05-28T17:28:47.543925Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-05-28T17:28:50.413Z"}}], "cna": {"title": "Insecure file permissions can result in confidential information leakage", "source": {"discovery": "EXTERNAL"}, "credits": [{"lang": "en", "value": "ISC would like to thank Matthias Gerstner from the SUSE security team for bringing this vulnerability to our attention."}], "impacts": [{"descriptions": [{"lang": "en", "value": "If an attacker has access to a local unprivileged user account, they would be able to read the logs and/or lease information. This might disclose details about DHCP clients (MAC addresses, hostnames, IP addresses, configuration details, and so on), or about Kea itself."}]}], "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 4, "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "integrityImpact": "NONE", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "NONE", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "ISC", "product": "Kea", "versions": [{"status": "affected", "version": "2.4.0", "versionType": "custom", "lessThanOrEqual": "2.4.1"}, {"status": "affected", "version": "2.6.0", "versionType": "custom", "lessThanOrEqual": "2.6.2"}, {"status": "affected", "version": "2.7.0", "versionType": "custom", "lessThanOrEqual": "2.7.8"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "We are not aware of any active exploits."}], "solutions": [{"lang": "en", "value": "Upgrade to the patched release most closely related to your current version of Kea: 2.4.2, 2.6.3, or 2.7.9."}], "datePublic": "2025-05-28T00:00:00.000Z", "references": [{"url": "https://kb.isc.org/docs/cve-2025-32803", "name": "CVE-2025-32803", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "en", "value": "It is possible to work around this problem by ensuring that the directories that contain the logs and lease files are only accessible to trusted users."}], "descriptions": [{"lang": "en", "value": "In some cases, Kea log files or lease files may be world-readable.\nThis issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-276", "description": "CWE-276 Incorrect Default Permissions"}]}], "providerMetadata": {"orgId": "404fd4d2-a609-4245-b543-2c944a302a22", "shortName": "isc", "dateUpdated": "2025-05-28T17:08:20.769Z"}}}, "cveMetadata": {"cveId": "CVE-2025-32803", "state": "PUBLISHED", "dateUpdated": "2025-05-28T17:28:58.513Z", "dateReserved": "2025-04-10T12:51:45.056Z", "assignerOrgId": "404fd4d2-a609-4245-b543-2c944a302a22", "datePublished": "2025-05-28T17:08:20.769Z", "assignerShortName": "isc"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "In some cases, Kea log files or lease files may be world-readable.\nThis issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8."}], "id": "CVE-2025-32803", "lastModified": "2025-05-29T14:29:50.247", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "NONE", "baseScore": 4.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 1.4, "source": "[email protected]", "type": "Primary"}]}, "published": "2025-05-28T18:15:27.130", "references": [{"source": "[email protected]", "url": "https://kb.isc.org/docs/cve-2025-32803"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-276"}], "source": "[email protected]", "type": "Secondary"}]}

{"bugzilla": {"description": "kea: Insecure file permissions can result in confidential information leakage", "id": "2367496", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2367496"}, "csaw": false, "cvss3": {"cvss3_base_score": "3.3", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N", "status": "draft"}, "cwe": "CWE-538", "details": ["In some cases, Kea log files or lease files may be world-readable.\nThis issue affects Kea versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8.", "A vulnerability was found in the Kea package, where an attacker with access to a local unprivileged user may be able to read the logs and DHCP lease information. This can be used to retrieve sensitive information about the DHCP clients and about the Kea process itself."], "mitigation": {"lang": "en:us", "value": "This issue can be mitigated by ensuring the directories which contain the log files and lease information can be only accessed by trusted or privileged users."}, "name": "CVE-2025-32803", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Affected", "package_name": "kea", "product_name": "Red Hat Enterprise Linux 10"}], "public_date": "2025-05-28T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-32803\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-32803"], "statement": "The Red Hat Product Security team has rated this vulnerability as with Moderate severity. An attacker needs to have a local account with read privileges to where the Kea's logs are being written to. Although information regarding DHCP clients and the Kea process can be retrieved, initially no sensitive information is leak through the logs leading to a low impact in the Confidentiality aspect.", "threat_severity": "Moderate"}