CVE-2025-12969

Source
https://cve.org/CVERecord?id=CVE-2025-12969
Import Source
https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12969.json
JSON Data
https://api.osv.dev/v1/vulns/CVE-2025-12969
Aliases
Downstream
Published
2025-11-24T14:41:05.630Z
Modified
2026-07-15T01:48:50.288952844Z
Severity
  • 6.5 (Medium) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:N CVSS Calculator
Summary
CVE-2025-12969
Details

Fluent Bit in_forward input plugin does not properly enforce the security.users authentication mechanism under certain configuration conditions. This allows remote attackers with network access to the Fluent Bit instance exposing the forward input to send unauthenticated data. By bypassing authentication controls, attackers can inject forged log records, flood alerting systems, or manipulate routing decisions, compromising the authenticity and integrity of ingested logs.

Database specific
{
    "osv_generated_from": "https://github.com/CVEProject/cvelistV5/tree/main/cves/2025/12xxx/CVE-2025-12969.json",
    "cna_assigner": "certcc",
    "unresolved_ranges": [
        {
            "extracted_events": [
                {
                    "fixed": "4.0.13"
                }
            ],
            "source": "AFFECTED_FIELD"
        }
    ]
}
References

Affected packages

Git / github.com/fluent/fluent-bit

Affected ranges

Type
GIT
Repo
https://github.com/fluent/fluent-bit
Events
Database specific
{
    "cpe": "cpe:2.3:a:treasuredata:fluent_bit:4.1.0:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "4.1.0"
        },
        {
            "last_affected": "4.1.0"
        }
    ],
    "source": "CPE_STRING"
}

Affected versions

4.*
4.1.0
v4.*
v4.1.0

Database specific

source
"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-12969.json"