CVE-2025-54996: Improper Privilege Management in OpenBao

Severity: 7.2 HIGH (NVD)
EPSS: 0.1% (top 82.46%)
CISA KEV: Not in KEV
Exploit: No known exploits
Timeline: Published Aug 9; latest update Aug 11

Description

OpenBao exists to provide a software solution to manage, store, and distribute sensitive data including secrets, certificates, and keys. In versions 2.3.1 and below, accounts with access to highly-privileged identity entity systems in root namespaces were able to increase their scope directly to the root policy. While the identity system allowed adding arbitrary policies, which in turn could contain capability grants on arbitrary paths, the root policy was restricted to manual generation using u

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Exploitability: 1.2 | Impact: 5.9

Affected Packages (2 packages)

NVD: openbao/openbao < 2.3.2
Go: github.com/openbao_openbao (versions listed: 0.1.0, 2.3.2, +2 more)

Vulnerability Details (3)

OSV: OpenBao Root Namespace Operator May Elevate Token Privileges in github.com/openbao/openbao (2025-08-11)
OSV: OpenBao Root Namespace Operator May Elevate Token Privileges (2025-08-08)
GHSA: OpenBao Root Namespace Operator May Elevate Token Privileges (2025-08-08)