9 matches found
VulnCheck KEV: CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868 Chef Automate compliance service SQL Injection Vulnerability
In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token...
CVE-2025-8868
Chef Automate is affected by CVE-2025-8868 for versions earlier than 4.13.295 on Linux x86. An authenticated attacker can access restricted functionality in the compliance service through SQL injection caused by improperly neutralized inputs using a well-known token. The NVD/NIST entry indicates ...
PT-2025-39824
Name of the Vulnerable Software and Affected Versions Chef Automate versions prior to 4.13.295 Description An authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service. This is due to improperly neutralized inputs used in an SQL command utilizing a...
Chef Automate 信息泄露漏洞
Chef Software Chef Automate is an automation platform from Chef Software for automating and managing infrastructure, applications, and compliance to help organizations achieve continuous delivery, automated operations, and security compliance. An information disclosure vulnerability exists in Che...