{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-58060", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-08-22T14:30:32.222Z", "datePublished": "2025-09-11T17:06:32.899Z", "dateUpdated": "2025-11-04T21:13:22.294Z"}, "containers": {"cna": {"title": "cups has Authentication bypass with AuthType Negotiate", "problemTypes": [{"descriptions": [{"cweId": "CWE-287", "lang": "en", "description": "CWE-287: Improper Authentication", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq"}, {"name": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221", "tags": ["x_refsource_MISC"], "url": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221"}], "affected": [{"vendor": "OpenPrinting", "product": "cups", "versions": [{"version": "< 2.4.13", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-11T17:25:02.915Z"}, "descriptions": [{"lang": "en", "value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue."}], "source": {"advisory": "GHSA-4c68-qgrh-rmmq", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-09-11T17:33:32.502303Z", "id": "CVE-2025-58060", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T17:35:59.645Z"}}, {"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"}, {"url": "http://www.openwall.com/lists/oss-security/2025/09/11/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T21:13:22.294Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CVE Program Container", "references": [{"url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"}, {"url": "http://www.openwall.com/lists/oss-security/2025/09/11/1"}], "providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2025-11-04T21:13:22.294Z"}}, {"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-58060", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-09-11T17:33:32.502303Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-09-11T17:35:53.103Z"}}], "cna": {"title": "cups has Authentication bypass with AuthType Negotiate", "source": {"advisory": "GHSA-4c68-qgrh-rmmq", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 8, "attackVector": "LOCAL", "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "integrityImpact": "HIGH", "userInteraction": "NONE", "attackComplexity": "LOW", "availabilityImpact": "HIGH", "privilegesRequired": "NONE", "confidentialityImpact": "LOW"}}], "affected": [{"vendor": "OpenPrinting", "product": "cups", "versions": [{"status": "affected", "version": "< 2.4.13"}]}], "references": [{"url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq", "name": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq", "tags": ["x_refsource_CONFIRM"]}, {"url": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221", "name": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221", "tags": ["x_refsource_MISC"]}], "descriptions": [{"lang": "en", "value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-287", "description": "CWE-287: Improper Authentication"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-09-11T17:25:02.915Z"}}}, "cveMetadata": {"cveId": "CVE-2025-58060", "state": "PUBLISHED", "dateUpdated": "2025-11-04T21:13:22.294Z", "dateReserved": "2025-08-22T14:30:32.222Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-09-11T17:06:32.899Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:openprinting:cups:*:*:*:*:*:*:*:*", "matchCriteriaId": "9352DF89-76A8-4760-9846-45BC66C471AE", "versionEndExcluding": "2.4.13", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "OpenPrinting CUPS is an open source printing system for Linux and other Unix-like operating systems. In versions 2.4.12 and earlier, when the `AuthType` is set to anything but `Basic`, if the request contains an `Authorization: Basic ...` header, the password is not checked. This results in authentication bypass. Any configuration that allows an `AuthType` that is not `Basic` is affected. Version 2.4.13 fixes the issue."}], "id": "CVE-2025-58060", "lastModified": "2025-11-04T22:16:32.160", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "LOCAL", "availabilityImpact": "HIGH", "baseScore": 8.0, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.5, "impactScore": 5.5, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-09-11T18:15:34.787", "references": [{"source": "security-advisories@github.com", "tags": ["Patch"], "url": "https://github.com/OpenPrinting/cups/commit/595d691075b1d396d2edfaa0a8fd0873a0a1f221"}, {"source": "security-advisories@github.com", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/OpenPrinting/cups/security/advisories/GHSA-4c68-qgrh-rmmq"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "http://www.openwall.com/lists/oss-security/2025/09/11/1"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "url": "https://lists.debian.org/debian-lts-announce/2025/09/msg00013.html"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-287"}], "source": "security-advisories@github.com", "type": "Secondary"}]}

{"acknowledgement": "Red Hat would like to thank Hristo Venev for reporting this issue.", "affected_release": [{"advisory": "RHSA-2025:15701", "cpe": "cpe:/o:redhat:enterprise_linux:10.0", "package": "cups-1:2.4.10-11.el10_0.1", "product_name": "Red Hat Enterprise Linux 10", "release_date": "2025-09-11T00:00:00Z"}, {"advisory": "RHSA-2025:15702", "cpe": "cpe:/a:redhat:enterprise_linux:8", "package": "cups-1:2.2.6-63.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-09-11T00:00:00Z"}, {"advisory": "RHSA-2025:15702", "cpe": "cpe:/o:redhat:enterprise_linux:8", "package": "cups-1:2.2.6-63.el8_10", "product_name": "Red Hat Enterprise Linux 8", "release_date": "2025-09-11T00:00:00Z"}, {"advisory": "RHSA-2025:15700", "cpe": "cpe:/a:redhat:enterprise_linux:9", "package": "cups-1:2.3.3op2-33.el9_6.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-09-11T00:00:00Z"}, {"advisory": "RHSA-2025:15700", "cpe": "cpe:/o:redhat:enterprise_linux:9", "package": "cups-1:2.3.3op2-33.el9_6.1", "product_name": "Red Hat Enterprise Linux 9", "release_date": "2025-09-11T00:00:00Z"}], "bugzilla": {"description": "cups: Authentication Bypass in CUPS Authorization Handling", "id": "2392595", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=2392595"}, "csaw": false, "cvss3": {"cvss3_base_score": "8.0", "cvss3_scoring_vector": "CVSS:3.1/AV:L/AC:L/PR:N/UI:N/S:U/C:L/I:H/A:H", "status": "verified"}, "cwe": "CWE-287", "details": ["A flaw was found in CUPS, a widely used printing service on Linux and UNIX-like systems. The issue arises when authentication is configured to use a method other than Basic, but the attacker sends an HTTP request with a Basic authentication header. Due to improper validation in the cupsdAuthorize() function, the password is not checked. This vulnerability allows attackers to bypass authentication entirely, resulting in unauthorized access to administrative functions and system configuration."], "mitigation": {"lang": "en:us", "value": "Mitigation for this issue is either not available or the currently available options don't meet the Red Hat Product Security criteria comprising ease of use and deployment, applicability to a widespread installation base, or stability. It is strongly advised to apply vendor-supplied patches as soon as they are released to address this authentication bypass vulnerability."}, "name": "CVE-2025-58060", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:10", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 10"}, {"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Fix deferred", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 6"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Affected", "package_name": "cups", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:7", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 7"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:8", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 8"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "firefox", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/o:redhat:enterprise_linux:9", "fix_state": "Not affected", "package_name": "thunderbird", "product_name": "Red Hat Enterprise Linux 9"}, {"cpe": "cpe:/a:redhat:openshift:4", "fix_state": "Affected", "package_name": "rhcos", "product_name": "Red Hat OpenShift Container Platform 4"}], "public_date": "2025-09-11T13:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2025-58060\nhttps://nvd.nist.gov/vuln/detail/CVE-2025-58060"], "statement": "The Red Hat Product Security team has assessed the severity of this vulnerability as Important, given that it enables complete authentication bypass. Exploitation requires no valid credentials and can be performed remotely in some configurations. Attackers could gain administrative privileges in CUPS, modify critical configuration files, or potentially escalate their access further depending on the system environment. The root cause is a missing authentication check when the AuthType is set to values other than Basic but a Basic authorization header is supplied.", "threat_severity": "Important"}

{"created": "2025-09-12T08:02:42.233910+00:00", "updated": "2025-09-12T08:02:42.233960+00:00", "vendors": ["linux", "linux$PRODUCT$linux", "openprinting", "openprinting$PRODUCT$cups"]}