CVE-2025-61733

| EUVD-2025-32642 HIGH
2025-10-02 [email protected] GHSA-mr9j-4j48-xcm2
7.5
CVSS 3.1
Share

CVSS Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector
Network
Attack Complexity
Low
Privileges Required
None
User Interaction
None
Scope
Unchanged
Confidentiality
High
Integrity
None
Availability
None

Lifecycle Timeline

4
Patch Released
Mar 31, 2026 - 21:13 nvd
Patch available
EUVD ID Assigned
Mar 13, 2026 - 19:12 euvd
EUVD-2025-32642
Analysis Generated
Mar 13, 2026 - 19:12 vuln.today
CVE Published
Oct 02, 2025 - 10:15 nvd
HIGH 7.5

Tags

Authentication Bypass Apache Kylin

Description

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

Analysis

Authentication Bypass Using an Alternate Path or Channel vulnerability in Apache Kylin.

This issue affects Apache Kylin: from 4.0.0 through 5.0.2.

Users are recommended to upgrade to version 5.0.3, which fixes the issue.

Technical Context

An authentication bypass vulnerability allows attackers to circumvent login mechanisms and gain unauthorized access without valid credentials.

Affected Products

Affected products: Apache Kylin

Remediation

Implement robust authentication mechanisms. Use multi-factor authentication. Review authentication logic for bypass conditions. Remove default credentials.

Priority Score

38
Low Medium High Critical
KEV: 0
EPSS: +0.1
CVSS: +38
POC: 0

Share

CVE-2025-61733 vulnerability details – vuln.today
Back

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy