fkie_cve-2025-6032
Vulnerability from fkie_nvd
Published
2025-06-24 14:15
Modified
2025-07-30 23:15
Severity ?
8.3 (High) - CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
Summary
A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack.
References
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:10295
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:10549
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:10550
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:10551
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:10668
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:11363
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:11677
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:11681
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:9726
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:9751
secalert@redhat.comhttps://access.redhat.com/errata/RHSA-2025:9766
secalert@redhat.comhttps://access.redhat.com/security/cve/CVE-2025-6032
secalert@redhat.comhttps://bugzilla.redhat.com/show_bug.cgi?id=2372501
Impacted products
Vendor Product Version


To clipboard 

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "A flaw was found in Podman. The podman machine init command fails to verify the TLS certificate when downloading the VM images from an OCI registry. This issue results in a Man In The Middle attack."
    },
    {
      "lang": "es",
      "value": "Se detect\u00f3 una falla en Podman. El comando podman machine init no verifica el certificado TLS al descargar im\u00e1genes de m\u00e1quinas virtuales desde un registro OCI. Este problema provoca un ataque de intermediario (Man in the Middle)."
    }
  ],
  "id": "CVE-2025-6032",
  "lastModified": "2025-07-30T23:15:28.400",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "HIGH",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.3,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "NONE",
          "scope": "CHANGED",
          "userInteraction": "REQUIRED",
          "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 1.6,
        "impactScore": 6.0,
        "source": "secalert@redhat.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-06-24T14:15:30.703",
  "references": [
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:10295"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:10549"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:10550"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:10551"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:10668"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:11363"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:11677"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:11681"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:9726"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:9751"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/errata/RHSA-2025:9766"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://access.redhat.com/security/cve/CVE-2025-6032"
    },
    {
      "source": "secalert@redhat.com",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2372501"
    }
  ],
  "sourceIdentifier": "secalert@redhat.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-295"
        }
      ],
      "source": "secalert@redhat.com",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.