CVE-2025-45311
- Source
- https://cve.org/CVERecord?id=CVE-2025-45311
- Import Source
- https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2025-45311.json
- JSON Data
- https://api.osv.dev/v1/vulns/CVE-2025-45311
- Downstream
- Published
- 2025-11-26T16:15:47.663Z
- Modified
- 2026-03-15T14:52:58.788611Z
- Severity
-
- 8.8 (High) CVSS_V3 - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H CVSS Calculator
- Summary
- [none]
- Details
-
Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is behaving in accordance with its intended privilege model.
- References