Lucene search
K

9 matches found

VulnCheck KEV
VulnCheck KEV
added 2025/10/16 12:0 a.m.10 views

VulnCheck KEV: CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS5.9AI score0.22827EPSS
In wildExploits0References75
RedhatCVE
RedhatCVE
added 2025/09/30 11:31 a.m.4 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS7.5AI score0.22827EPSS
Exploits0References1
NVD
NVD
added 2025/09/29 12:15 p.m.16 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.22827EPSS
Exploits0References1
OSV
OSV
added 2025/09/29 12:15 p.m.6 views

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

8.8CVSS5.9AI score
Exploits0References1
Vulnrichment
Vulnrichment
added 2025/09/29 11:29 a.m.2 views

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS7.1AI score0.22827EPSS
Exploits0References1
Cvelist
Cvelist
added 2025/09/29 11:29 a.m.542 views

CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...

9.8CVSS0.22827EPSS
Exploits0References1
CVE
CVE
added 2025/09/29 11:29 a.m.23 views

CVE-2025-8868

Chef Automate is affected by CVE-2025-8868 for versions earlier than 4.13.295 on Linux x86. An authenticated attacker can access restricted functionality in the compliance service through SQL injection caused by improperly neutralized inputs using a well-known token. The NVD/NIST entry indicates ...

9.8CVSS7.1AI score0.22827EPSS
In wildExploits0References1Affected Software1
Positive Technologies
Positive Technologies
added 2025/09/29 12:0 a.m.12 views

PT-2025-39824

Name of the Vulnerable Software and Affected Versions Chef Automate versions prior to 4.13.295 Description An authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service. This is due to improperly neutralized inputs used in an SQL command utilizing a...

9.8CVSS7.2AI score0.22827EPSS
Exploits0References10
CNNVD
CNNVD
added 2025/09/29 12:0 a.m.4 views

Chef Automate 信息泄露漏洞

Chef Software Chef Automate is an automation platform from Chef Software for automating and managing infrastructure, applications, and compliance to help organizations achieve continuous delivery, automated operations, and security compliance. An information disclosure vulnerability exists in Che...

9.8CVSS6.6AI score0.22827EPSS
Exploits0References1
Rows per page
Query Builder