CVE-2025-61734: Files or Directories Accessible to External Parties in Apache Kylin

Severity
7.5 HIGH (NVD)
EPSS
0.1%
top 77.89%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
Published Oct 2

Description

Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as Kylin's system and project admin access is well protected. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Exploitability: 3.9 | Impact: 3.6

Affected Packages (2 packages)

NVD | apache/kylin | 4.0.0 | 5.0.3
CVEListV5 | apache_software_foundation/apache_kylin | 4.0.0 | 5.0.2

Vulnerability Details (3)

OSV | Apache Kylin Files or Directories Accessible to External Parties | 2025-10-02
CVEList | Apache Kylin: improper restriction of file read | 2025-10-02
GHSA | Apache Kylin Files or Directories Accessible to External Parties | 2025-10-02