CVE-2025-25182

Published Feb 12, 2025

Last updated 2 months ago

CVSS critical 9.4

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-25182 is an authentication bypass vulnerability found in the Stroom data processing and analysis platform. Versions prior to 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 are affected when Stroom is configured with an Application Load Balancer (ALB) but accessible via routes other than through the ALB. This misconfiguration allows unauthorized access to the Stroom system. Exploitation of this vulnerability could also enable server-side request forgery, potentially leading to code execution or privilege escalation, particularly when interacting with the AWS metadata URL. The vulnerability has been addressed in Stroom versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2. It's important to note that this information is current as of today, March 9, 2025, and may change as new information becomes available.

Description
Stroom is a data processing, storage and analysis platform. A vulnerability exists starting in version 7.2-beta.53 and prior to versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2 that allows authentication bypass to a Stroom system when configured with ALB and installed in a way that the application is accessible not through the ALB itself. This vulnerability may also allow for server-side request forgery which may lead to code execution or further privileges escalations when using the AWS metadata URL. This scenario assumes that Stroom must be configured to use ALB Authentication integration and the application is network accessible. The vulnerability has been fixed in versions 7.2.24, 7.3-beta.22, 7.4.4, and 7.5-beta.2.
Source
security-advisories@github.com
NVD status
Awaiting Analysis

Risk scores

CVSS 3.1

Type
Secondary
Base score
9.4
Impact score
5.5
Exploitability score
3.9
Vector string
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:L
Severity
CRITICAL

Weaknesses

security-advisories@github.com
CWE-290

Social media

Hype score
Not currently trending

  1. 1/ 🚨Recently, our research team found CVE-2025-25182, A critical security finding in Government Communications Headquarters (GCHQ), the UK's intelligence and security agency, maintained project, Stroom. https://t.co/MS1aerYWWH

    @liadeliyahu

    6 Mar 2025

    2114 Impressions

    5 Retweets

    27 Likes

    5 Bookmarks

    2 Replies

    0 Quotes

  2. CVE-2025-25182 Authentication Bypass and SSRF in Stroom Platform with AL... https://t.co/3tuxucr5ng Don't wait vulnerability scanning results: https://t.co/oh1APvMMnd

    @VulmonFeeds

    12 Feb 2025

    1 Impression

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

References