EUVD-2025-203403

🗓️ 15 Dec 2025 18:02:01Reported by EUVDType

Unauthenticated gRPC access in EDB Hybrid Manager due to Istio Gateway misconfiguration; upgrade to 1.3.3 or 2025.12.

Reporter	Title	Published	Views	Family All 7
CNNVD	EnterpriseDB Hybrid Manager - LTS 安全漏洞	15 Dec 202500:00	–	cnnvd
CVE	CVE-2025-14038	15 Dec 202518:02	–	cve
Cvelist	CVE-2025-14038	15 Dec 202518:02	–	cvelist
NVD	CVE-2025-14038	15 Dec 202518:15	–	nvd
Positive Technologies	PT-2025-51263	15 Dec 202500:00	–	ptsecurity
RedhatCVE	CVE-2025-14038	17 Dec 202508:07	–	redhatcve
Vulnrichment	CVE-2025-14038	15 Dec 202518:02	–	vulnrichment

[
  {
    "enisaIdVendor": [
      {
        "id": "a62f522b-a0f1-3fea-9e4e-bc4285f44c3e",
        "vendor": {
          "name": "EnterpriseDB"
        }
      }
    ],
    "enisaIdProduct": [
      {
        "id": "173adacc-e5c3-36e1-a846-a31b27ee5b2d",
        "product": {
          "name": "Hybrid Manager - LTS"
        },
        "product_version": "1.3 <1.3.3"
      },
      {
        "id": "3a43b880-0830-35e4-a65d-6f46160515d2",
        "product": {
          "name": "Hybrid Manager - LTS"
        },
        "product_version": "1.2"
      },
      {
        "id": "625d3e91-c135-38a2-b9c9-0a9727026276",
        "product": {
          "name": "Hybrid Manager - Innovation"
        },
        "product_version": "2025 <2025.12"
      }
    ]
  }
]

Source	Link
nvd	www.nvd.nist.gov/vuln/detail/CVE-2025-14038
enterprisedb	www.enterprisedb.com/docs/security/advisories/cve202514038
enterprisedb	www.enterprisedb.com/docs/security/advisories/cve202514038/

15 Dec 2025 19:01Current

6.7Medium risk

Vulners AI Score6.7

CVSS 3.17

EPSS0.00129

SSVC