CVE Details
Basic Information
| Title |
CVE-2025-47284 |
| Type |
cve |
| Published |
2025-05-19T19:15:51 |
| Last Seen |
2025-05-19T19:18:50 |
CVSS Information
| Base Score |
9.9 (CRITICAL) |
| Attack Vector |
NETWORK |
| Attack Complexity |
LOW |
| Privileges Required |
LOW |
| User Interaction |
NONE |
| Scope |
CHANGED |
| Confidentiality Impact |
HIGH |
| Integrity Impact |
HIGH |
| Availability Impact |
HIGH |
AI Analysis
| AI Description |
A critical vulnerability in the gardenlet component of Gardener allows remote attackers to execute arbitrary commands due to improper input validation. This affects versions prior to 1.116.4, 1.117.5, 1.118.2, and 1.119.0. |
| AI Severity |
Critical |
| Vendor |
SAP |
| Product |
Gardener gardenlet |
| Affected Version |
1.116.4, 1.117.5, 1.118.2, 1.119.0 |
Additional Information
| CVE List |
CVE-2025-47284 |
| CWE List |
CWE-150 |
| Bulletin Family |
cve |
Description
Gardener implements the automated management and operation of Kubernetes clusters as a service. A security vulnerability was discovered in the gardenlet component of Gardener prior to versions 1.116.4, 1.117.5, 1.118.2, and 1.119.0….
CVSS Score Summary
Base Score: %!f(string=#) (CRITICAL)
View Full CVE Details
