CVE-2025-67860
LOWSeverity by source
AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:L/I:N/A:N
Lifecycle Timeline
3DescriptionCVE.org
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users.
AnalysisAI
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users. [CVSS 3.8 LOW]
Technical ContextAI
Classified as CWE-522 (Insufficiently Protected Credentials). A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arguments, potentially exposing sensitive credentials to local users.
Affected ProductsAI
A vulnerability has been identified in the NeuVector scanner where the scanner process accepts registry and controller credentials as command-line arg
RemediationAI
Monitor vendor advisories for a patch.
Same weakness CWE-522 – Insufficiently Protected Credentials
View allSame technique Authentication Bypass
View allShare
External POC / Exploit Code
Leaving vuln.today
GHSA-3c9m-gq32-g4jx