ISC Kea World-Readable Log and Lease Files Vulnerability

Vulnerability

A vulnerability exists in ISC Kea DHCP server versions 2.4.0 through 2.4.1, 2.6.0 through 2.6.2, and 2.7.0 through 2.7.8, where log files or lease files may be accessible to all users. This unintended file permission issue can lead to the exposure of sensitive information.

Impact

The vulnerability could result in unauthorized access to log and lease files, potentially exposing sensitive information such as DHCP lease details and server activity logs.

Added: Jun 9, 2025, 7:46 PM

Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

Vulnerability Rating

Custom Algorithm

spread

2.6

impact

2.5

exploitability

3.5

remediation

0.0

relevance

0.1

threat

0.0

urgency

2.9

incentive

1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.

ISC Kea World-Readable Log and Lease Files Vulnerability

Vulnerability

Impact

Affected Products

ISC Kea

CVSS Scores

References

Vulnerability Rating

Vulnerability Rating