{"dataType": "CVE_RECORD", "dataVersion": "5.2", "cveMetadata": {"cveId": "CVE-2025-66406", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-11-28T23:33:56.365Z", "datePublished": "2025-12-03T19:13:48.240Z", "dateUpdated": "2025-12-03T21:40:59.681Z"}, "containers": {"cna": {"title": "Improper Authorization Check for SSH Certificate Revocation", "problemTypes": [{"descriptions": [{"cweId": "CWE-863", "lang": "en", "description": "CWE-863: Incorrect Authorization", "type": "CWE"}]}], "metrics": [{"cvssV3_1": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}}], "references": [{"name": "https://github.com/smallstep/certificates/security/advisories/GHSA-j7c9-79x7-8hpr", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/smallstep/certificates/security/advisories/GHSA-j7c9-79x7-8hpr"}], "affected": [{"vendor": "smallstep", "product": "certificates", "versions": [{"version": "< 0.29.0", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-12-03T19:13:48.240Z"}, "descriptions": [{"lang": "en", "value": "Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0."}], "source": {"advisory": "GHSA-j7c9-79x7-8hpr", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-12-03T21:40:49.793375Z", "id": "CVE-2025-66406", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-03T21:40:59.681Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-66406", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "partial"}], "version": "2.0.3", "timestamp": "2025-12-03T21:40:49.793375Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-12-03T21:40:55.583Z"}}], "cna": {"title": "Improper Authorization Check for SSH Certificate Revocation", "source": {"advisory": "GHSA-j7c9-79x7-8hpr", "discovery": "UNKNOWN"}, "metrics": [{"cvssV3_1": {"scope": "UNCHANGED", "version": "3.1", "baseScore": 5, "attackVector": "NETWORK", "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "integrityImpact": "LOW", "userInteraction": "NONE", "attackComplexity": "HIGH", "availabilityImpact": "HIGH", "privilegesRequired": "HIGH", "confidentialityImpact": "NONE"}}], "affected": [{"vendor": "smallstep", "product": "certificates", "versions": [{"status": "affected", "version": "< 0.29.0"}]}], "references": [{"url": "https://github.com/smallstep/certificates/security/advisories/GHSA-j7c9-79x7-8hpr", "name": "https://github.com/smallstep/certificates/security/advisories/GHSA-j7c9-79x7-8hpr", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-12-03T19:13:48.240Z"}}}, "cveMetadata": {"cveId": "CVE-2025-66406", "state": "PUBLISHED", "dateUpdated": "2025-12-03T21:40:59.681Z", "dateReserved": "2025-11-28T23:33:56.365Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-12-03T19:13:48.240Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.2"}

{"cveTags": [], "descriptions": [{"lang": "en", "value": "Step CA is an online certificate authority for secure, automated certificate management for DevOps. Prior to 0.29.0, there is an improper authorization check for SSH certificate revocation. This affects deployments configured with the SSHPOP provisioner. This vulnerability is fixed in 0.29.0."}], "id": "CVE-2025-66406", "lastModified": "2025-12-04T17:15:08.283", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "HIGH", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 5.0, "baseSeverity": "MEDIUM", "confidentialityImpact": "NONE", "integrityImpact": "LOW", "privilegesRequired": "HIGH", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H", "version": "3.1"}, "exploitabilityScore": 0.7, "impactScore": 4.2, "source": "security-advisories@github.com", "type": "Secondary"}]}, "published": "2025-12-03T20:16:26.560", "references": [{"source": "security-advisories@github.com", "url": "https://github.com/smallstep/certificates/security/advisories/GHSA-j7c9-79x7-8hpr"}], "sourceIdentifier": "security-advisories@github.com", "vulnStatus": "Awaiting Analysis", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-863"}], "source": "security-advisories@github.com", "type": "Primary"}]}

{}