216.73.217.139

CVE-2025-2598

· Published 21/03/2025 15:15 · Modified 21/03/2025 17:15

Labels: CVE-2025-2598 2025-03-21CVE-2025-2598CWE-497ff89ba41-3aa1-4d27-914a-91399e9639e5

Essential information

Published
21/03/2025 15:15
Modified
21/03/2025 17:15
Author
Creator
CVSS
5.7 MEDIUM (v3) 5.7 MEDIUM (v4.0)
CISA KEV
No
CWE
CVSS vector

CVSS metrics

Description

When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgrade to version 2.178.2 or later and ensure any forked or derivative code is patched to incorporate the new fixes.

NVD status

Status
Received — CVE has been recently published to the CVE List and has been received by the NVD.
Source
ff89ba41-3aa1-4d27-914a-91399e9639e5
NVD
View on NVD

Affected products (CPE)

ProductCPE
aws / cloud development kit cpe:2.3:a:aws:cloud_development_kit:*:*:*:*:*:*:*:*

References