{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2181", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "state": "PUBLISHED", "assignerShortName": "palo_alto", "dateReserved": "2025-03-10T17:56:23.828Z", "datePublished": "2025-08-13T17:03:03.787Z", "dateUpdated": "2025-08-13T20:31:43.129Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "Checkov by Prisma Cloud", "vendor": "Palo Alto Networks", "versions": [{"changes": [{"at": "3.2.449", "status": "unaffected"}], "lessThan": "3.2.449", "status": "affected", "version": "3.2.0", "versionType": "custom"}]}], "configurations": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No special configuration is required to be affected by this issue."}], "value": "No special configuration is required to be affected by this issue."}], "credits": [{"lang": "en", "type": "finder", "value": "Shashank Chaurasia"}], "datePublic": "2025-08-13T16:00:00.000Z", "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of&nbsp;Prisma Cloud access keys in Checkov's output.</p>"}], "value": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov's output."}], "exploits": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue."}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "baseScore": 5.9, "baseSeverity": "MEDIUM", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "ACTIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "Attacker finds a Prisma Cloud access key in a Checkov output file that a user uploaded to an insecure location."}]}, {"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "LOCAL", "baseScore": 5.1, "baseSeverity": "MEDIUM", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "PASSIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "Attacker gains access to a system and then finds a Checkov output file that contains an exposed Prisma Cloud access key."}]}], "problemTypes": [{"descriptions": [{"cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-08-13T17:03:03.787Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://security.paloaltonetworks.com/CVE-2025-2181"}], "solutions": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>Checkov by Prisma Cloud 3.2<br></td>\n <td>3.2.0 through 3.2.448</td>\n <td>Upgrade to 3.2.449 or later.</td>\n </tr></tbody></table><br>Checkov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."}], "value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.448\n Upgrade to 3.2.449 or later.\n \nCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov)."}], "source": {"defect": ["BCE-42897"], "discovery": "EXTERNAL"}, "timeline": [{"lang": "en", "time": "2025-08-13T16:00:00.000Z", "value": "Initial Publication"}], "title": "Checkov by Prisma Cloud: Cleartext Exposure of Credentials", "workarounds": [{"lang": "eng", "supportingMedia": [{"base64": false, "type": "text/html", "value": "No known workarounds exist for this issue."}], "value": "No known workarounds exist for this issue."}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-08-13T20:31:31.868823Z", "id": "CVE-2025-2181", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T20:31:43.129Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2181", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-08-13T20:31:31.868823Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-08-13T20:31:37.077Z"}}], "cna": {"title": "Checkov by Prisma Cloud: Cleartext Exposure of Credentials", "source": {"defect": ["BCE-42897"], "discovery": "EXTERNAL"}, "credits": [{"lang": "en", "type": "finder", "value": "Shashank Chaurasia"}], "impacts": [{"capecId": "CAPEC-37", "descriptions": [{"lang": "en", "value": "CAPEC-37 Retrieve Embedded Sensitive Data"}]}], "metrics": [{"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.9, "Automatable": "NO", "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "ACTIVE", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "privilegesRequired": "NONE", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "Attacker finds a Prisma Cloud access key in a Checkov output file that a user uploaded to an insecure location."}]}, {"format": "CVSS", "cvssV4_0": {"Safety": "NOT_DEFINED", "version": "4.0", "Recovery": "USER", "baseScore": 5.1, "Automatable": "NO", "attackVector": "LOCAL", "baseSeverity": "MEDIUM", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber", "providerUrgency": "AMBER", "userInteraction": "PASSIVE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "LOW", "subIntegrityImpact": "LOW", "vulnIntegrityImpact": "NONE", "subAvailabilityImpact": "LOW", "vulnAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "vulnConfidentialityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "scenarios": [{"lang": "en", "value": "Attacker gains access to a system and then finds a Checkov output file that contains an exposed Prisma Cloud access key."}]}], "affected": [{"vendor": "Palo Alto Networks", "product": "Checkov by Prisma Cloud", "versions": [{"status": "affected", "changes": [{"at": "3.2.449", "status": "unaffected"}], "version": "3.2.0", "lessThan": "3.2.449", "versionType": "custom"}], "defaultStatus": "unaffected"}], "exploits": [{"lang": "en", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "supportingMedia": [{"type": "text/html", "value": "Palo Alto Networks is not aware of any malicious exploitation of this issue.", "base64": false}]}], "timeline": [{"lang": "en", "time": "2025-08-13T16:00:00.000Z", "value": "Initial Publication"}], "solutions": [{"lang": "eng", "value": "Version\nMinor Version\nSuggested Solution\n\n Checkov by Prisma Cloud 3.2\n\n 3.2.0 through 3.2.448\n Upgrade to 3.2.449 or later.\n \nCheckov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov).", "supportingMedia": [{"type": "text/html", "value": "<table><thead><tr><th>Version<br></th><th>Minor Version<br></th><th>Suggested Solution<br></th></tr></thead><tbody><tr>\n <td>Checkov by Prisma Cloud 3.2<br></td>\n <td>3.2.0 through 3.2.448</td>\n <td>Upgrade to 3.2.449 or later.</td>\n </tr></tbody></table><br>Checkov integration in Prisma Cloud is upgraded automatically when new versions become available. All Prisma Cloud access keys used by Checkov should be rotated after upgrading to a fixed version (this step is recommended for all modes of using Checkov).", "base64": false}]}], "datePublic": "2025-08-13T16:00:00.000Z", "references": [{"url": "https://security.paloaltonetworks.com/CVE-2025-2181", "tags": ["vendor-advisory"]}], "workarounds": [{"lang": "eng", "value": "No known workarounds exist for this issue.", "supportingMedia": [{"type": "text/html", "value": "No known workarounds exist for this issue.", "base64": false}]}], "x_generator": {"engine": "Vulnogram 0.1.0-dev"}, "descriptions": [{"lang": "en", "value": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov's output.", "supportingMedia": [{"type": "text/html", "value": "<p>A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of&nbsp;Prisma Cloud access keys in Checkov's output.</p>", "base64": false}]}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-312", "description": "CWE-312 Cleartext Storage of Sensitive Information"}]}], "configurations": [{"lang": "eng", "value": "No special configuration is required to be affected by this issue.", "supportingMedia": [{"type": "text/html", "value": "No special configuration is required to be affected by this issue.", "base64": false}]}], "providerMetadata": {"orgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "shortName": "palo_alto", "dateUpdated": "2025-08-13T17:03:03.787Z"}}}, "cveMetadata": {"cveId": "CVE-2025-2181", "state": "PUBLISHED", "dateUpdated": "2025-08-13T20:31:43.129Z", "dateReserved": "2025-03-10T17:56:23.828Z", "assignerOrgId": "d6c1279f-00f6-4ef7-9217-f89ffe703ec0", "datePublished": "2025-08-13T17:03:03.787Z", "assignerShortName": "palo_alto"}, "dataVersion": "5.1"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma\u00ae Cloud can result in the cleartext exposure of\u00a0Prisma Cloud access keys in Checkov's output."}], "id": "CVE-2025-2181", "lastModified": "2025-08-13T17:33:46.673", "metrics": {"cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "PRESENT", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 5.9, "baseSeverity": "MEDIUM", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "AMBER", "subAvailabilityImpact": "LOW", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "ACTIVE", "valueDensity": "DIFFUSE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:D/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "NONE", "vulnerabilityResponseEffort": "MODERATE"}, "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}, "published": "2025-08-13T17:15:27.000", "references": [{"source": "psirt@paloaltonetworks.com", "url": "https://security.paloaltonetworks.com/CVE-2025-2181"}], "sourceIdentifier": "psirt@paloaltonetworks.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-312"}], "source": "psirt@paloaltonetworks.com", "type": "Secondary"}]}

{}