CVE-2025-22246: CVE-2025-22246 – UAA Private Key Exposure
3.0
CVSS
Description
Cloud Foundry UAA release versions from v77.21.0 to v7.31.0 are vulnerable to a private key exposure in logs.
Classification
CVE ID: CVE-2025-22246
CVSS Base Severity: LOW
CVSS Base Score: 3.0
CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N
Affected Products
Vendor: Cloud Foundry
Product: UAA, CF deployment
Exploit Prediction Scoring System (EPSS)
EPSS Score: 0.01% (probability of being exploited)
EPSS Percentile: 1.67% (scored less or equal to compared to others)
EPSS Date: 2025-06-06 (when was this score calculated)
References
https://nvd.nist.gov/vuln/detail/CVE-2025-22246https://www.cloudfoundry.org/blog/cve-2025-22246-uaa-private-key-exposure/