Количество 2
Количество 2
CVE-2025-8077
A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs.
GHSA-8pxw-9c75-6w56
NeuVector admin account has insecure default password
Уязвимостей на страницу
Уязвимость | CVSS | EPSS | Опубликовано | |
|---|---|---|---|---|
 | CVE-2025-8077 A vulnerability exists in NeuVector versions up to and including 5.4.5, where a fixed string is used as the default password for the built-in `admin` account. If this password is not changed immediately after deployment, any workload with network access within the cluster could use the default credentials to obtain an authentication token. This token can then be used to perform any operation via NeuVector APIs. | CVSS3: 9.8 | 0% Низкий | 5 месяцев назад |
| GHSA-8pxw-9c75-6w56 NeuVector admin account has insecure default password | CVSS3: 9.8 | 0% Низкий | 5 месяцев назад |
Уязвимостей на страницу