CVE-2025-53106

HIGH EPSS 39.0%
Published Jul 2, 202512mo ago · Modified Jun 17, 20262w ago
8.8 CVSS 4.0
High
Find Similar
Published Jul 2, 2025 12mo ago
Last Modified Jun 17, 2026 2w ago

Description

Graylog is a free and open log management platform. In versions 6.2.0 to before 6.2.4 and 6.3.0-alpha.1 to before 6.3.0-rc.2, Graylog users can gain elevated privileges by creating and using API tokens for the local Administrator or any other user for whom the malicious user knows the ID. For the attack to succeed, the attacker needs a user account in Graylog. They can then proceed to issue hand-crafted requests to the Graylog REST API and exploit a weak permission check for token creation. This issue has been patched in versions 6.2.4 and 6.3.0-rc.2. A workaround involves disabling the respective configuration found in System > Configuration > Users > "Allow users to create personal access tokens".

CVSS Details

Base Score
8.8
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:P/PR:L/UI:A/VC:H/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction A
Scope X

Threat Intelligence

EPSS Exploit Probability
39.0% percentile
Exploit & Patch Status
No Known Exploit
Patch Available

Weaknesses 1

CWE-285

Affected Products 12

VendorProductVersionRange
grayloggraylog*≥6.2.0  –  <6.2.4
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any
grayloggraylog6.3.0any

References 3

  • github.com https://github.com/Graylog2/graylog2-server/commit/6936bd16a783c2944a3d2f1e83902062520f90e3
    Patch
  • github.com https://github.com/Graylog2/graylog2-server/commit/9215b8f1fd32566c31e6f7447ed864df3590c157
    Patch
  • github.com https://github.com/Graylog2/graylog2-server/security/advisories/GHSA-3m86-c9x3-vwm9
    Third Party Advisory

Remediation

  • github.com https://github.com/Graylog2/graylog2-server/commit/6936bd16a783c2944a3d2f1e83902062520f90e3
    Patch
  • github.com https://github.com/Graylog2/graylog2-server/commit/9215b8f1fd32566c31e6f7447ed864df3590c157
    Patch