CVE-2025-8868 | Teknoloji dünyasından en güncel haberleri ve güvenlikle ilgili gelişmeleri takip edin.

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted function…
Critical CVSS: 9.8

CVE-2025-8868

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via

improperly neutralized inputs used in an SQL command using a well-known token.
Vendor
Chef
Product
Automate
CWE
CWE-89
Yayın Tarihi
2025-09-29 12:15:49
Güncelleme
2025-10-16 17:14:27
Source Identifier
security@progress.com
KEV Date Added
-

Kategoriler

CWE-89 Automate CRITICAL Chef 2025

Referanslar

https://docs.chef.io/release_notes_automate/#4.13.295