7.5

CVE-2025-61733

Apache Kylin: Authentication bypass

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin.

This issue affects Apache Kylin: from 4.0.0 through 5.0.2.

Users are recommended to upgrade to version 5.0.3, which fixes the issue.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
ApacheKylin Version >= 4.0.0 < 5.0.3
VulnDex Vulnerability Enrichment
Diese Information steht angemeldeten Benutzern zur Verfügung. Login Login
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 1.22% 0.65
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
134c704f-9b21-4f2e-91b3-4a467353bcc0 7.5 3.9 3.6
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
CWE-288 Authentication Bypass Using an Alternate Path or Channel

The product requires authentication, but the product has an alternate path or channel that does not require authentication.

https://lists.apache.org/thread/8wmcffly6gp50nmfw8j4w3hlmv843yo0
Vendor Advisory
Issue Tracking
http://www.openwall.com/lists/oss-security/2025/09/30/7