CVE-2025-2157

A flaw was found in Foreman/Red Hat Satellite. Improper file permissions allow low-privileged OS users to monitor and access temporary files under /var/tmp, exposing sensitive command outputs, such as /etc/shadow. This issue can lead to information disclosure and privilege escalation if exploited effectively.

CVSS v3 3.3 LOW

3.3^/10

CVSS v3 : LOW

V3 Legend

Vector :

Exploitability : 1.8 / Impact : 1.4

Attack Vector LOCAL

Attack Complexity LOW

Privileges Required LOW

User Interaction NONE

Confidentiality Impact LOW

Integrity Impact NONE

Availability Impact NONE

Scope UNCHANGED

References

Link	Resource
https://access.redhat.com/security/cve/CVE-2025-2157
https://bugzilla.redhat.com/show_bug.cgi?id=2351092

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Se encontró una falla en Foreman/Red Hat Satellite. Los permisos de archivo incorrectos permiten a usuarios del sistema operativo con pocos privilegios supervisar y acceder a archivos temporales en /var/tmp, exponiendo así salidas de comandos confidenciales, como /etc/shadow. Este problema puede provocar la divulgación de información y la escalada de privilegios si se explota correctamente.

15 Mar 2025, 07:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-03-15 07:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-2157

Mitre link : CVE-2025-2157

CVE.ORG link : CVE-2025-2157

JSON object : View

Products Affected

No product.

CWE

CWE-922

Insecure Storage of Sensitive Information

3.3 /10