---

CVE-2025-32803 - log back

CVE-2025-32803 created at 28 May 2025 17:16:07
Severity	+ Medium
Remote	+ Local
Type	+ Information disclosure
Description	+ In some cases, Kea log files or lease files may be world-readable. + + If an attacker has access to a local unprivileged user account, they would be able to read the logs and/or lease information. This might disclose details about DHCP clients (MAC addresses, hostnames, IP addresses, configuration details, and so on), or about Kea itself.
References	+ https://kb.isc.org/docs/cve-2025-32803
Notes