CVE-2025-49825

Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.

CVSS v3 9.8 CRITICAL

9.8^/10

CVSS v3 : CRITICAL

V3 Legend

Vector :

Exploitability : 3.9 / Impact : 5.9

Attack Vector NETWORK

Attack Complexity LOW

Privileges Required NONE

User Interaction NONE

Confidentiality Impact HIGH

Integrity Impact HIGH

Availability Impact HIGH

Scope UNCHANGED

References

Link	Resource
https://github.com/gravitational/teleport/security/advisories/GHSA-8cqv-pj7f-pwpc

Configurations

No configuration.

History

15 Apr 2026, 00:35

Type	Values Removed	Values Added
Summary		(es) Teleport proporciona conectividad, autenticación, controles de acceso y auditoría para la infraestructura. Las versiones de Community Edition anteriores a la 17.5.1 (incluida) son vulnerables a la omisión de la autenticación remota. Al momento de la publicación, no hay un parche de código abierto disponible.

17 Jun 2025, 22:15

Type	Values Removed	Values Added
New CVE

Information

Published : 2025-06-17 22:15

Updated : 2026-04-15 00:35

NVD link : CVE-2025-49825

Mitre link : CVE-2025-49825

CVE.ORG link : CVE-2025-49825

JSON object : View

Products Affected

No product.

CWE

CWE-863

Incorrect Authorization

9.8 /10