ID

VAR-202510-2153


CVE

CVE-2025-62232


DESCRIPTION

Sensitive data exposure via logging in basic-auth leads to plaintext usernames and passwords being written to error logs and forwarded to log sinks when the log level is INFO/DEBUG. This creates a high risk of credential compromise through log access. It has been fixed in the following commit: https://github.com/apache/apisix/pull/12629. Users are recommended to upgrade to version 3.14, which fixes this issue.

Trust: 1.0

sources: NVD: CVE-2025-62232

AFFECTED PRODUCTS

vendor: apache, model: apisix, scope: gte, version: 1.0

Trust: 1.0

vendor: apache, model: apisix, scope: lt, version: 3.14.0

Trust: 1.0

sources: NVD: CVE-2025-62232

CVSS

SEVERITY

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-62232
value: HIGH

Trust: 1.0

CVSSV3

134c704f-9b21-4f2e-91b3-4a467353bcc0: CVE-2025-62232
baseSeverity: HIGH
baseScore: 7.5
vectorString: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: NONE
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: NONE
availabilityImpact: NONE
exploitabilityScore: 3.9
impactScore: 3.6
version: 3.1

Trust: 1.0

sources: NVD: CVE-2025-62232

PROBLEMTYPE DATA

problemtype: CWE-532

Trust: 1.0

sources: NVD: CVE-2025-62232

EXTERNAL IDS

db: OPENWALL, id: OSS-SECURITY/2025/10/30/4

Trust: 1.0

db: NVD, id: CVE-2025-62232

Trust: 1.0

sources: NVD: CVE-2025-62232

REFERENCES

url: http://www.openwall.com/lists/oss-security/2025/10/30/4

Trust: 1.0

url: https://lists.apache.org/thread/32hdgh570btfhg02hfc7p7ckf9v83259

Trust: 1.0

sources: NVD: CVE-2025-62232

SOURCES

db: NVD, id: CVE-2025-62232

LAST UPDATE DATE

2025-11-19T23:16:11.551000+00:00


SOURCES UPDATE DATE

db: NVD, id: CVE-2025-62232, date: 2025-11-05T14:44:13.057

SOURCES RELEASE DATE

db: NVD, id: CVE-2025-62232, date: 2025-10-31T09:15:48.053