CVE-2025-59048

Alias:

Overview

OpenBao's AWS Plugin generates AWS access credentials based on IAM policies. Prior to version 0.1.1, the AWS Plugin is vulnerable to cross-account IAM role Impersonation in the AWS auth method. The vulnerability allows an IAM role from an untrusted AWS account to authenticate by impersonating a role...

Critical

Low

Medium

No items found.

Severity / CVSS Score: (Critical)

CWE:

Discovery date: October 23, 2025

Authentication required: NoneYes

Attack Vector: None

CVE-2025-59048

Overview

Affected Components

Kodem Deep Dive

Stop the waste.
Protect your environment with Kodem.

CVE-2025-59048

Overview

Affected Components

Kodem Deep Dive

Stop the waste.Protect your environment with Kodem.

Stop the waste.
Protect your environment with Kodem.