Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2025-54470

Summary
Assigner-suse
Assigner Org ID-404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At-30 Oct, 2025 | 09:38
Updated At-30 Oct, 2025 | 14:01
Rejected At-
Credits

NeuVector telemetry sender is vulnerable to MITM and DoS

This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVector does not enforce TLS certificate verification when transmitting anonymous cluster data to the telemetry server. As a result, the communication channel is susceptible to man-in-the-middle (MITM) attacks, where an attacker could intercept or modify the transmitted data. Additionally, NeuVector loads the response of the telemetry server is loaded into memory without size limitation, which makes it vulnerable to a Denial of Service(DoS) attack

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:suse
Assigner Org ID:404e59f5-483d-4b8a-8e7a-e67604dd8afb
Published At:30 Oct, 2025 | 09:38
Updated At:30 Oct, 2025 | 14:01
Rejected At:
▼CVE Numbering Authority (CNA)
NeuVector telemetry sender is vulnerable to MITM and DoS

This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVector does not enforce TLS certificate verification when transmitting anonymous cluster data to the telemetry server. As a result, the communication channel is susceptible to man-in-the-middle (MITM) attacks, where an attacker could intercept or modify the transmitted data. Additionally, NeuVector loads the response of the telemetry server is loaded into memory without size limitation, which makes it vulnerable to a Denial of Service(DoS) attack

Affected Products
Vendor
SUSESUSE
Product
neuvector
Package Name
https://github.com/neuvector/neuvector
Default Status
unaffected
Versions
Affected
  • From 5.3.0 before 5.3.5 (semver)
  • From 5.4.0 before 5.4.7 (semver)
  • From 0.0.0-20230727023453-1c4957d53911 before 0.0.0-20251020133207-084a437033b4 (semver)
Problem Types
TypeCWE IDDescription
CWECWE-295CWE-295: Improper Certificate Validation
Type: CWE
CWE ID: CWE-295
Description: CWE-295: Improper Certificate Validation
Metrics
VersionBase scoreBase severityVector
3.18.6HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Version: 3.1
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470
N/A
https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470
Resource: N/A
Hyperlink: https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w
Resource: N/A
▼Authorized Data Publishers (ADP)
CISA ADP Vulnrichment
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:meissner@suse.de
Published At:30 Oct, 2025 | 10:15
Updated At:30 Oct, 2025 | 15:03

This vulnerability affects NeuVector deployments only when the Report anonymous cluster data option is enabled. When this option is enabled, NeuVector sends anonymous telemetry data to the telemetry server. In affected versions, NeuVector does not enforce TLS certificate verification when transmitting anonymous cluster data to the telemetry server. As a result, the communication channel is susceptible to man-in-the-middle (MITM) attacks, where an attacker could intercept or modify the transmitted data. Additionally, NeuVector loads the response of the telemetry server is loaded into memory without size limitation, which makes it vulnerable to a Denial of Service(DoS) attack

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Secondary3.18.6HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
Type: Secondary
Version: 3.1
Base score: 8.6
Base severity: HIGH
Vector:
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:H
CPE Matches
Weaknesses
CWE IDTypeSource
CWE-295Primarymeissner@suse.de
CWE ID: CWE-295
Type: Primary
Source: meissner@suse.de
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470meissner@suse.de
N/A
https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4wmeissner@suse.de
N/A
Hyperlink: https://bugzilla.suse.com/show_bug.cgi?id=CVE-2025-54470
Source: meissner@suse.de
Resource: N/A
Hyperlink: https://github.com/neuvector/neuvector/security/advisories/GHSA-qqj3-g7mx-5p4w
Source: meissner@suse.de
Resource: N/A

Change History

0
Information is not available yet

Similar CVEs

4Records found
CVE-2025-67601
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-8.3||HIGH
EPSS-0.01% / 0.78%
||
7 Day CHG~0.00%
Published-25 Feb, 2026 | 10:36
Updated-26 Feb, 2026 | 14:44
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rancher CLI skips TLS verification on Rancher CLI login command

A vulnerability has been identified within Rancher Manager, where using self-signed CA certificates and passing the -skip-verify flag to the Rancher CLI login command without also passing the –cacert flag results in the CLI attempting to fetch CA certificates stored in Rancher’s setting cacerts.

Action-Not Available
Vendor-SUSE
Product-rancher
CWE ID-CWE-295
Improper Certificate Validation
CVE-2025-66001
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-8.8||HIGH
EPSS-0.03% / 7.26%
||
7 Day CHG~0.00%
Published-08 Jan, 2026 | 10:23
Updated-08 Jan, 2026 | 18:08
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
NeuVector OpenID Connect is vulnerable to man-in-the-middle (MITM)

NeuVector supports login authentication through OpenID Connect. However, the TLS verification (which verifies the remote server's authenticity and integrity) for OpenID Connect is not enforced by default. As a result this may expose the system to man-in-the-middle (MITM) attacks.

Action-Not Available
Vendor-SUSE
Product-neuvector
CWE ID-CWE-295
Improper Certificate Validation
CVE-2024-22030
Matching Score-6
Assigner-SUSE
ShareView Details
Matching Score-6
Assigner-SUSE
CVSS Score-8||HIGH
EPSS-0.07% / 20.99%
||
7 Day CHG~0.00%
Published-16 Oct, 2024 | 13:24
Updated-16 Oct, 2024 | 16:38
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Rancher agents can be hijacked by taking over the Rancher Server URL

A vulnerability has been identified within Rancher that can be exploited in narrow circumstances through a man-in-the-middle (MITM) attack. An attacker would need to have control of an expired domain or execute a DNS spoofing/hijacking attack against the domain to exploit this vulnerability. The targeted domain is the one used as the Rancher URL.

Action-Not Available
Vendor-SUSE
Product-rancherrancher
CWE ID-CWE-295
Improper Certificate Validation
CVE-2017-14806
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
ShareView Details
Matching Score-6
Assigner-OpenText (formerly Micro Focus)
CVSS Score-3.7||LOW
EPSS-0.11% / 30.15%
||
7 Day CHG~0.00%
Published-27 Jan, 2020 | 09:45
Updated-16 Sep, 2024 | 16:48
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available
Insecure handling of repodata and packages in SUSE Studio onlite

A Improper Certificate Validation vulnerability in susestudio-common of SUSE Studio onsite allows remote attackers to MITM connections to the repositories, which allows the modification of packages received over these connections. This issue affects: SUSE Studio onsite susestudio-common version 1.3.17-56.6.3 and prior versions.

Action-Not Available
Vendor-SUSE
Product-susestudio-ui-serverstudio_onsiteStudio onsite
CWE ID-CWE-295
Improper Certificate Validation
Details not found