CVE-2025-8904

216.73.217.22

· Published 13/08/2025 18:15 · Modified 13/08/2025 18:15

Labels: CVE-2025-8904 2025-08-13 CVE-2025-8904 CWE-257 ff89ba41-3aa1-4d27-914a-91399e9639e5

Essential information

Published: 13/08/2025 18:15
Modified: 13/08/2025 18:15
Author: —
Creator: —
CVSS: 9.0 CRITICAL (v3) 9.0 CRITICAL (v4.0)
CISA KEV: No
CWE: —
CVSS vector: —

CVSS metrics

Description

Amazon EMR Secret Agent creates a keytab file containing Kerberos credentials. This file is stored in the /tmp/ directory. A user with access to this directory and another account can potentially decrypt the keys and escalate to higher privileges. Users are advised to upgrade to Amazon EMR version 7.5 or higher. For Amazon EMR releases between 6.10 and 7.4, we strongly recommend that you run the bootstrap script and RPM files with the fix provided in the location below.

NVD status

Status: Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source: ff89ba41-3aa1-4d27-914a-91399e9639e5
NVD: View on NVD

Affected products (CPE)

Product	CPE
amazon / emr	`cpe:2.3:a:amazon:emr:7.5:::::::*`
amazon / emr	`cpe:2.3:a:amazon:emr:6.10-7.4:::::::*`