CVE-2025-64323

low-risk
Published 2025-11-07

kgateway is a Cloud-Native API and AI Gateway. Versions 2.0.4 and below and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 lack authentication, allowing any client with unrestricted network access to the xDS port to retrieve potentially sensitive configuration data including certificate data, backend service information, routing rules, and cluster metadata. This issue is solved in versions 2.0.5 and 2.1.0.

Do I need to act?

-
0.01% chance of exploitation
EPSS score — low exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.3/10 Medium
ADJACENT_NETWORK / HIGH complexity

References (4)

https://github.com/kgateway-dev/kgateway/issues/10651
https://github.com/kgateway-dev/kgateway/pull/12471
https://github.com/kgateway-dev/kgateway/pull/12535
https://github.com/kgateway-dev/kgateway/security/advisories/GHSA-4766-x535-jw3r
19
/ 100
low-risk
Severity 14/34 · Moderate
Exploitability 0/34 · Minimal
Exposure 5/34 · Minimal