CVE-2025-61734 — HIGH (7.5)

Q: How severe is CVE-2025-61734?

CVE-2025-61734 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2025-61734?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Kylin.

Vulnerability Description

Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as the Kylin's system and project admin access is well protected. This issue affects Apache Kylin: from 4.0.0 through 5.0.2. Users are recommended to upgrade to version 5.0.3, which fixes the issue.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

HIGH

Integrity

NONE

Availability

NONE

Affected Products

Vendor	Product	Versions
Apache	Kylin	>= 4.0.0, < 5.0.3

Related Weaknesses (CWE)

CWE-552

References

https://lists.apache.org/thread/z705g7sn3g0bkchlqbo1hz1tyqorn4d2Issue TrackingVendor Advisory
http://www.openwall.com/lists/oss-security/2025/09/30/8

FAQ

What is CVE-2025-61734?

CVE-2025-61734 is a vulnerability with a CVSS score of 7.5 (HIGH). Files or Directories Accessible to External Parties vulnerability in Apache Kylin. You are fine as long as the Kylin's system and project admin access is well protected. This issue affects Apache Ky...

How severe is CVE-2025-61734?

CVE-2025-61734 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2025-61734?

Check the references section above for vendor advisories and patch information. Affected products include: Apache Kylin.