CVE-2025-23261 | THREATINT

Description

NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users.

PUBLISHED Reserved 2025-01-14 | Published 2025-09-04 | Updated 2025-09-04 | Assigner nvidia

MEDIUM: 5.5CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Problem types

CWE-532 Insertion of Sensitive Information into Log File

Product status

Default status

unaffected

NVOS 25.02.21xx, 25.02.22xx, 25.02.23xx

affected

Default status

unaffected

Cumulus Linux 5.12, 5.11, 5.10, 5.9 and older

affected

Default status

unaffected

NVOS 25.02.3xxx

affected

References

nvd.nist.gov/vuln/detail/CVE-2025-23261

www.cve.org/CVERecord?id=CVE-2025-23261

nvidia.custhelp.com/app/answers/detail/a_id/5655

cve.org (CVE-2025-23261)

nvd.nist.gov (CVE-2025-23261)

Download JSON