rhsa-2025:17562
Vulnerability from csaf_redhat
Published
2025-10-08 14:38
Modified
2025-10-23 04:50
Summary
Red Hat Security Advisory: AMQ Broker 7.13.2.OPR.1.GA Container Images release and security update
Notes
Topic
This is the multiarch release of the AMQ Broker 7.13.2 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform.
Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.
Details
Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.
This release of Red Hat AMQ Broker 7.13.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.
Security Fix(es):
* (CVE-2025-58712) amq-broker-init-rhel9: privilege escalation via excessive /etc/passwd permissions
* (CVE-2025-58712) amq-broker-rhel9: privilege escalation via excessive /etc/passwd permissions
For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.
For information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941
Terms of Use
This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "This is the multiarch release of the AMQ Broker 7.13.2 aligned Operator and associated container images on Red Hat Enterprise Linux for the OpenShift Container Platform.\n\nRed Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.",
"title": "Topic"
},
{
"category": "general",
"text": "Red Hat Middleware for OpenShift provides images for many of the Red Hat Middleware products for use within the OpenShift Container Platform cloud computing Platform-as-a-Service (PaaS) for on-premise or private cloud deployments.\n\nThis release of Red Hat AMQ Broker 7.13.2 includes security and bug fixes, and enhancements. For further information, refer to the release notes linked to in the References section.\n\nSecurity Fix(es):\n\n* (CVE-2025-58712) amq-broker-init-rhel9: privilege escalation via excessive /etc/passwd permissions\n* (CVE-2025-58712) amq-broker-rhel9: privilege escalation via excessive /etc/passwd permissions\n\nFor more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.\n\nFor information on supported configurations, see Red Hat AMQ Broker 7 Supported Configurations at https://access.redhat.com/articles/2791941",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2025:17562",
"url": "https://access.redhat.com/errata/RHSA-2025:17562"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification#moderate",
"url": "https://access.redhat.com/security/updates/classification#moderate"
},
{
"category": "external",
"summary": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/",
"url": "https://docs.redhat.com/en/documentation/red_hat_amq_broker/"
},
{
"category": "external",
"summary": "2394418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394418"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2025/rhsa-2025_17562.json"
}
],
"title": "Red Hat Security Advisory: AMQ Broker 7.13.2.OPR.1.GA Container Images release and security update",
"tracking": {
"current_release_date": "2025-10-23T04:50:31+00:00",
"generator": {
"date": "2025-10-23T04:50:31+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.9"
}
},
"id": "RHSA-2025:17562",
"initial_release_date": "2025-10-08T14:38:05+00:00",
"revision_history": [
{
"date": "2025-10-08T14:38:05+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2025-10-08T14:38:05+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-10-23T04:50:31+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Middleware Containers for Openshift",
"product": {
"name": "Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware",
"product_identification_helper": {
"cpe": "cpe:/a:redhat:rhosemc:1.0::el9"
}
}
}
],
"category": "product_family",
"name": "Red Hat OpenShift Enterprise"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"product": {
"name": "amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"product_id": "amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"product": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"product_id": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-jolokia-api-server-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"product": {
"name": "amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"product_id": "amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"product": {
"name": "amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"product_id": "amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9-operator\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"product": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"product_id": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2?arch=ppc64le\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-console-plugin-rhel9\u0026tag=7.13.2-1"
}
}
}
],
"category": "architecture",
"name": "ppc64le"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"product": {
"name": "amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"product_id": "amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"product": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"product_id": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743?arch=amd64\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-jolokia-api-server-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64",
"product": {
"name": "amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64",
"product_id": "amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"product": {
"name": "amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"product_id": "amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9-operator-bundle\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"product": {
"name": "amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"product_id": "amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b?arch=amd64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9-operator\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"product": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"product_id": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c?arch=amd64\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-console-plugin-rhel9\u0026tag=7.13.2-1"
}
}
}
],
"category": "architecture",
"name": "amd64"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"product": {
"name": "amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"product_id": "amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"product": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"product_id": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660?arch=arm64\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-jolokia-api-server-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"product": {
"name": "amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"product_id": "amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"product": {
"name": "amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"product_id": "amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851?arch=arm64\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9-operator\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"product": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"product_id": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721?arch=arm64\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-console-plugin-rhel9\u0026tag=7.13.2-1"
}
}
}
],
"category": "architecture",
"name": "arm64"
},
{
"branches": [
{
"category": "product_version",
"name": "amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"product": {
"name": "amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"product_id": "amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-init-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"product": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"product_id": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8?arch=s390x\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-jolokia-api-server-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"product": {
"name": "amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"product_id": "amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"product": {
"name": "amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"product_id": "amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5?arch=s390x\u0026repository_url=registry.redhat.io/amq7/amq-broker-rhel9-operator\u0026tag=7.13.2-1"
}
}
},
{
"category": "product_version",
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"product": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"product_id": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"product_identification_helper": {
"purl": "pkg:oci/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004?arch=s390x\u0026repository_url=registry.redhat.io/amq7-tech-preview/amq-broker-console-plugin-rhel9\u0026tag=7.13.2-1"
}
}
}
],
"category": "architecture",
"name": "s390x"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64"
},
"product_reference": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64"
},
"product_reference": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x"
},
"product_reference": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le"
},
"product_reference": "amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x"
},
"product_reference": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64"
},
"product_reference": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64"
},
"product_reference": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le"
},
"product_reference": "amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64"
},
"product_reference": "amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x"
},
"product_reference": "amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le"
},
"product_reference": "amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64"
},
"product_reference": "amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64"
},
"product_reference": "amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64"
},
"product_reference": "amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x"
},
"product_reference": "amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le"
},
"product_reference": "amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64"
},
"product_reference": "amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x"
},
"product_reference": "amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le"
},
"product_reference": "amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64"
},
"product_reference": "amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64 as a component of Middleware Containers for Openshift",
"product_id": "9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64"
},
"product_reference": "amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64",
"relates_to_product_reference": "9Base-RHOSE-Middleware"
}
]
},
"vulnerabilities": [
{
"acknowledgments": [
{
"names": [
"Antony Di Scala",
"Mike Whale"
]
}
],
"cve": "CVE-2025-58712",
"cwe": {
"id": "CWE-276",
"name": "Incorrect Default Permissions"
},
"discovery_date": "2025-09-10T17:28:57.860000+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "2394418"
}
],
"notes": [
{
"category": "description",
"text": "A container privilege escalation flaw was found in certain AMQ Broker images. This issue stems from the /etc/passwd file being created with group-writable permissions during build time. In certain conditions, an attacker who can execute commands within an affected container, even as a non-root user, can leverage their membership in the root group to modify the /etc/passwd file. This could allow the attacker to add a new user with any arbitrary UID, including UID 0, leading to full root privileges within the container.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "amq: privilege escalation via excessive /etc/passwd permissions",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2025-58712"
},
{
"category": "external",
"summary": "RHBZ#2394418",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=2394418"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2025-58712",
"url": "https://www.cve.org/CVERecord?id=CVE-2025-58712"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2025-58712",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2025-58712"
}
],
"release_date": "2025-10-07T14:26:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2025-10-08T14:38:05+00:00",
"details": "To update to the latest image please refer to the AMQ container images in the Red Hat Container catalog.",
"product_ids": [
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2025:17562"
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "LOCAL",
"availabilityImpact": "LOW",
"baseScore": 5.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"integrityImpact": "HIGH",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:L/I:H/A:L",
"version": "3.1"
},
"products": [
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:0c2b3d12e0c749b62659fd95781f17510e71abd8659d8e8e2e77b37e43297f6c_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:8018dcfd760803867e3b5d7d52679343325e42fb9e7bd6286fbf3edcfaf3f721_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:d165fa9eaa342e52b7ea9f17edff7a8b816acab21610ddedb34c0fd45c255004_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-console-plugin-rhel9@sha256:df06cfeedcc4d41d66a392a95cd103d4562b6a33f4ca665c35f310b099e61bc2_ppc64le",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:03189040dfd46fb9d77821e82b6e476c827d435780fd5601a14a2fc427c62ac8_s390x",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:5bea712e835fa8531b0a2c25ebd89fbd43cb1efbf86361bd66886f6894ac8660_arm64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:860d4857f8f78e187700097f7e284881ebcd3cc546be5c5e10dbecf062fb0743_amd64",
"9Base-RHOSE-Middleware:amq7-tech-preview/amq-broker-jolokia-api-server-rhel9@sha256:e03e5adcfe23118c42cfe6eaa5de710128ebcd1188582c3d39cd2fd0f16af01e_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:1855ee7290a6b7446e5adc64ca447cb5d3fb462fb11a0d01cb9b5ef67ad666bb_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:341a80c596eb555d435d2489132cb89fe47e9a0e40f2045b5773a81889063946_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:725b875c9ca96582d691aef2220b14e22f75e6840b987f48bf1333f428cfa1f7_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-init-rhel9@sha256:869954655497885a4567939746a1d044df1479321b4cac63ee93d629738124dc_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator-bundle@sha256:33f584255364b8f5cc7e37f14d7a257b4414716872323433374001df2eb47c7d_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:3ae4080c838322980d13a5acb981c5584ec1512c7d59b7d6cee0bdc157682851_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:98291e2f50cc6f2313096ab5b51dcaa1e0d3232236fa6d839cfe63fbeaec0cb5_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:d3d35ae65371c65e84c93608d1dc4f1516e822d078d60a712c2bbb59a4350991_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9-operator@sha256:e06ad5a9fb69f76088bdd5ab5a4271ca62c78659fbffd9e7c632a8e5466cfd6b_amd64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:6ee2d7b346cf6c7fe9a3dd7846e0907bfe7241cd9b8139cf6eaeb0a8dbb0a427_s390x",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9a3b7a41a2d0e7ab6a6f804d092f271feae675c39db3101f20318201360ca840_ppc64le",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:9ab9abec5a6a22c5b8b893c03e5257c3362a8afeb93b6f171d411b35acd02d87_arm64",
"9Base-RHOSE-Middleware:amq7/amq-broker-rhel9@sha256:ea91a6449ec9b6311ed3ff1294212dd746dc64a040bb797b5fda42f4f29efcb5_amd64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "amq: privilege escalation via excessive /etc/passwd permissions"
}
]
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…
Loading…