← Back
2025-10-31 18:31CVE-2025-64348cisa-cg
PUBLISHED5.2CWE-862

ELOG configuration file authorization bypass

ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the "-x" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow shell commands or self-registration.

Problem type

Affected products

ELOG

ELOG

* - AFFECTED

References

url

https://bitbucket.org/ritt/elog/commits/f81e5695c40997322fe2713bfdeba459d9de09dc

url

https://bitbucket.org/ritt/elog/commits/7092ff64f6eb9521f8cc8c52272a020bf3730946

url

https://www.cve.org/CVERecord?id=CVE-2025-64348

url

https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-304-01.json

JSON source

Click to expand
{
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2",
  "cveMetadata": {
    "cveId": "CVE-2025-64348",
    "assignerOrgId": "9119a7d8-5eab-497f-8521-727c672e3725",
    "assignerShortName": "cisa-cg",
    "dateUpdated": "2025-10-31T18:31:21.412Z",
    "dateReserved": "2025-10-30T20:40:29.749Z",
    "datePublished": "2025-10-31T18:31:21.412Z",
    "state": "PUBLISHED"
  },
  "containers": {
    "cna": {
      "providerMetadata": {
        "orgId": "9119a7d8-5eab-497f-8521-727c672e3725",
        "shortName": "cisa-cg",
        "dateUpdated": "2025-10-31T18:31:21.412Z"
      },
      "datePublic": "2025-10-31T00:00:00.000Z",
      "title": "ELOG configuration file authorization bypass",
      "descriptions": [
        {
          "lang": "en",
          "value": "ELOG allows an authenticated user to modify or overwrite the configuration file, resulting in denial of service. If the execute facility is specifically enabled with the \"-x\" command line flag, attackers could execute OS commands on the host machine. By default, ELOG is not configured to allow shell commands or self-registration."
        }
      ],
      "affected": [
        {
          "vendor": "ELOG",
          "product": "ELOG",
          "defaultStatus": "affected",
          "versions": [
            {
              "version": "*",
              "status": "affected"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "lang": "en",
              "description": "CWE-862 Missing Authorization",
              "cweId": "CWE-862",
              "type": "CWE"
            }
          ]
        }
      ],
      "references": [
        {
          "url": "https://bitbucket.org/ritt/elog/commits/f81e5695c40997322fe2713bfdeba459d9de09dc",
          "name": "url"
        },
        {
          "url": "https://bitbucket.org/ritt/elog/commits/7092ff64f6eb9521f8cc8c52272a020bf3730946",
          "name": "url"
        },
        {
          "url": "https://www.cve.org/CVERecord?id=CVE-2025-64348",
          "name": "url"
        },
        {
          "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/IT/white/2025/va-25-304-01.json",
          "name": "url"
        }
      ],
      "metrics": [
        {},
        {
          "cvssV3_1": {
            "version": "3.1",
            "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H",
            "attackVector": "NETWORK",
            "attackComplexity": "LOW",
            "privilegesRequired": "LOW",
            "userInteraction": "NONE",
            "scope": "UNCHANGED",
            "confidentialityImpact": "NONE",
            "integrityImpact": "LOW",
            "availabilityImpact": "HIGH",
            "baseScore": 7.1,
            "baseSeverity": "HIGH"
          }
        },
        {}
      ],
      "credits": [
        {
          "lang": "en",
          "value": "Karl Meister, CISA"
        }
      ]
    }
  }
}

Mitre source

https://cveawg.mitre.org/api/cve/CVE-2025-64348