Missing authentication in the KVM key download endpoint could allow an unauthenticated attacker with knowledge of the exposed URL to retrieve sensitive keys, potentially leading to loss of confidentiality.
CVSS
No CVSS.
References
Configurations
No configuration.
History
14 May 2026, 15:16
| Type | Values Removed | Values Added |
|---|---|---|
| New CVE |
Information
Published : 2026-05-14 15:16
Updated : 2026-05-14 15:53
NVD link : CVE-2025-62619
Mitre link : CVE-2025-62619
CVE.ORG link : CVE-2025-62619
JSON object : View
Products Affected
No product.
CWE
CWE-306
Missing Authentication for Critical Function