CVE-2025-32803 - log back

CVE-2025-32803 created at 28 May 2025 17:16:07
Severity
+ Medium
Remote
+ Local
Type
+ Information disclosure
Description
+ In some cases, Kea log files or lease files may be world-readable.
+
+ If an attacker has access to a local unprivileged user account, they would be able to read the logs and/or lease information. This might disclose details about DHCP clients (MAC addresses, hostnames, IP addresses, configuration details, and so on), or about Kea itself.
References
+ https://kb.isc.org/docs/cve-2025-32803
Notes