PT-2025-5591 · Kube-Audit-Rest
Richardoc · Published 2025-01-29 · Updated 2025-02-11
CVE-2025-24884 · CVSS v4.0 5.1 (Medium)
| Vector | AV:L/AC:L/AT:N/PR:N/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
kube-audit-rest versions prior to 1.0.16
Description
kube-audit-rest is a simple logger of mutation/creation requests to the Kubernetes API: it receives the admission request for each change and writes it out as an audit record. An admission request for an update carries both the new object and the previous one, and the "full-elastic-stack" example Vector configuration shipped with the project did not strip Secret data from the previous object. As a result, when that example configuration was used for a real cluster, the previous values of Kubernetes Secrets were disclosed in the audit messages forwarded to the logging stack. Versions prior to 1.0.16 are affected.
Recommendations
For versions prior to 1.0.16, update to version 1.0.16 or later, which ships a corrected example configuration.
As a temporary workaround, replace the configuration of the Vector "audit-files-json-parser-and-redaction" transform with the updated configuration that redacts Secret data and also removes previously set Secret data. Audit records already emitted by the vulnerable configuration still contain the previous Secret values: treat those Secrets as exposed, rotate them, and purge or redact the stored records.
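The redaction described in the workaround, as an added example that is not part of this advisory or of kube-audit-rest's own Vector configuration: a Python model of the two transform shapes, run over a constructed AdmissionReview record for an UPDATE to a Secret. The function names, the sample record and the "REDACTED" placeholder are assumptions made for this illustration; the project's real transform is written in Vector's VRL, not Python. The point it shows is that an update request carries both `request.object` and `request.oldObject`, so a transform that redacts only the new object leaves the previous Secret values in every line that reaches the log store.

```python
import copy
import json

# Constructed sample (not a captured record): an AdmissionReview-style event
# for an UPDATE to a Secret. On UPDATE the API server sends both the new object
# (request.object) and the previous one (request.oldObject).
SAMPLE_EVENT = {
    "kind": "AdmissionReview",
    "apiVersion": "admission.k8s.io/v1",
    "request": {
        "uid": "00000000-0000-0000-0000-000000000000",
        "operation": "UPDATE",
        "kind": {"group": "", "version": "v1", "kind": "Secret"},
        "object": {
            "kind": "Secret",
            "metadata": {"name": "db-creds", "namespace": "default"},
            "data": {"password": "bmV3LXBhc3N3b3Jk"},   # base64("new-password")
        },
        "oldObject": {
            "kind": "Secret",
            "metadata": {"name": "db-creds", "namespace": "default"},
            "data": {"password": "b2xkLXBhc3N3b3Jk"},   # base64("old-password")
        },
    },
}

NEW_VALUE = "bmV3LXBhc3N3b3Jk"
OLD_VALUE = "b2xkLXBhc3N3b3Jk"

# Fields of a core/v1 Secret that hold sensitive material.
SECRET_FIELDS = ("data", "stringData")
PLACEHOLDER = "REDACTED"  # hypothetical marker; the real transform may use another


def _is_secret_request(request):
    """True when the admission request targets a core/v1 Secret."""
    gvk = request.get("kind", {})
    return gvk.get("kind") == "Secret" and gvk.get("group", "") == ""


def _redact_fields(obj):
    """Replace data/stringData on one object in place (no-op if absent)."""
    if isinstance(obj, dict):
        for field in SECRET_FIELDS:
            if field in obj:
                obj[field] = PLACEHOLDER


def redact_new_object_only(event):
    """Vulnerable shape: redacts request.object, leaves request.oldObject intact."""
    out = copy.deepcopy(event)
    req = out.get("request", {})
    if _is_secret_request(req):
        _redact_fields(req.get("object"))
    return out


def redact_secret_request(event):
    """Hardened shape: redacts Secret data in both object and oldObject.
    Non-Secret requests (ConfigMaps, Deployments, ...) pass through unchanged."""
    out = copy.deepcopy(event)
    req = out.get("request", {})
    if _is_secret_request(req):
        for key in ("object", "oldObject"):
            _redact_fields(req.get(key))
    return out


def redact_log_line(line):
    """Apply the hardened redaction to one JSON-lines audit record."""
    return json.dumps(redact_secret_request(json.loads(line)), separators=(",", ":"))


def leaked_values(event, values):
    """Check: which of the given strings survive in the serialized log line?
    Serialising first matters, because a log shipper forwards the whole line."""
    line = json.dumps(event)
    return [v for v in values if v in line]


if __name__ == "__main__":
    print("vulnerable transform leaks:", leaked_values(redact_new_object_only(SAMPLE_EVENT), [NEW_VALUE, OLD_VALUE]))
    print("hardened transform leaks: ", leaked_values(redact_secret_request(SAMPLE_EVENT), [NEW_VALUE, OLD_VALUE]))
```

The `leaked_values` check is the one worth keeping around after applying the workaround: feed it a few real records from the transform's output (with known Secret values) to confirm that neither the new nor the previous value reaches the sink.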
Exploit
Fix
Information Disclosure
Insertion into Log File
Related Identifiers
Affected Products
Suse
Kube-Audit-Rest