Apache Kvrocks Improper Privilege Management Vulnerability Granting Admin Privileges

Vulnerability

An improper privilege management vulnerability has been identified in Apache Kvrocks, affecting versions starting at 2.9.0 and prior to 2.13.0. The RESET command can grant administrative privileges, potentially leading to unauthorized access or actions within the application.

Impact

Exploitation of this vulnerability allows users to gain admin privileges, which could be misused to perform unauthorized actions or access restricted areas of the application.

Remediation

Users are advised to upgrade to Apache Kvrocks version 2.14.0, which addresses this vulnerability.

Added: Nov 28, 2025, 3:17 PM
Updated: Nov 28, 2025, 5:19 PM

Vulnerability Rating

Custom Algorithm
spread: 0.0
impact: 5.0
exploitability: 5.2
remediation: 7.7
relevance: 1.2
threat: 0.0
urgency: 2.9
incentive: 1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.