CVE 8.8 HIGH

CVE-2025-45311_CVE-2025-45311

November 28, 2025 invoker category_cve

8.8 / 10

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Description

Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is behaving in accordance with its intended privilege model.

AI Analysis

Insecure permissions allow attackers with limited sudo privileges to perform arbitrary operations as root

Basic Information

ID CVE-2025-45311

Source mitre

Published Nov 26, 2025 at 00:00

Modified Nov 28, 2025 at 19:56

Affected Product

Vendor Fail2Ban

Product fail2ban-client

Version 0.11.2

Affected Versions n/a n/a n/a

CWE Classification

CWE-266

AI Assessment

AI Score 8.8 / 10

AI Severity High

Vendor Fail2Ban

Product fail2ban-client

Version 0.11.2

References

{
    "lastseen": "",
    "description": "Insecure permissions in fail2ban-client v0.11.2 allows attackers with limited sudo privileges to perform arbitrary operations as root. NOTE: this is disputed by multiple parties because the action for a triggered rule can legitimately be an arbitrary operation as root. Thus, the software is behaving in accordance with its intended privilege model.",
    "published": "2025-11-26T00:00:00.000Z",
    "modified": "2025-11-28T19:56:01.011Z",
    "type": "cve",
    "title": "CVE-2025-45311",
    "source": "mitre",
    "references": "https://packetstorm.news/files/id/189989\nhttps://gist.github.com/R-Security/1c707a08f9c7f9a91d9d84b5010aaed2",
    "id": "CVE-2025-45311",
    "bulletinFamily": "",
    "cwe": [
        "CWE-266"
    ],
    "cvelist": null,
    "sourceData": "n/a n/a n/a",
    "sourceHref": "",
    "cvss": {
        "score": 8.8,
        "severity": "HIGH",
        "vector": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
        "version": "3.1"
    },
    "cvss2": [],
    "cvss3": {
        "version": "",
        "vectorString": "",
        "baseScore": 0,
        "baseSeverity": "",
        "attackVector": "",
        "attackComplexity": "",
        "privilegesRequired": "",
        "userInteraction": "",
        "scope": "",
        "confidentialityImpact": "",
        "integrityImpact": "",
        "availabilityImpact": "",
        "cvssV3": {
            "version": "",
            "vectorString": "",
            "baseScore": 0,
            "baseSeverity": "",
            "attackVector": "",
            "attackComplexity": "",
            "privilegesRequired": "",
            "userInteraction": "",
            "scope": "",
            "confidentialityImpact": "",
            "integrityImpact": "",
            "availabilityImpact": ""
        }
    },
    "href": "",
    "category_name": "CVE",
    "post_link": "",
    "product": "fail2ban-client",
    "version": "0.11.2",
    "vendor": "Fail2Ban",
    "ai_description": "Insecure permissions allow attackers with limited sudo privileges to perform arbitrary operations as root",
    "ai_severity": "High",
    "ai_vendor": "Fail2Ban",
    "ai_product": "fail2ban-client",
    "ai_version": "0.11.2",
    "ai_score": 8.8
}

💭 Join the Security Discussion ❌ Cancel Reply