Upstream information
Description
Teleport provides connectivity, authentication, access controls and audit for infrastructure. Community Edition versions before and including 17.5.1 are vulnerable to remote authentication bypass. At time of posting, there is no available open-source patch.SUSE information
Overall state of this security issue: Resolved
This issue is currently rated as having critical severity.
CNA (GitHub) | |
---|---|
Base Score | 9.8 |
Vector | CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Attack Vector | Network |
Attack Complexity | Low |
Privileges Required | None |
User Interaction | None |
Scope | Unchanged |
Confidentiality Impact | High |
Integrity Impact | High |
Availability Impact | High |
CVSSv3 Version | 3.1 |
List of released packages
Product(s) | Fixed package version(s) | References |
---|---|---|
openSUSE Tumbleweed |
| Patchnames: openSUSE-Tumbleweed-2025-15300 openSUSE-Tumbleweed-2025-15405 |
SUSE Timeline for this CVE
CVE page created: Wed Jun 18 02:39:39 2025CVE page last modified: Thu Aug 7 20:49:47 2025