Cockroach · Cockroach-K8S-Request-Cert · CVE-2025-9276
Name of the Vulnerable Software and Affected Versions:
Cockroach Labs cockroach-k8s-request-cert (affected versions not specified)
Description:
The cockroach-k8s-request-cert component is susceptible to an authentication bypass due to an empty root password. This allows unauthorized access.
Recommendations:
At the moment, there is no information about a newer version that contains a fix for this vulnerability.