QwikSec

Security Database

CVE

CWE

Training

CVE-2025-23261

Published: Sep 4, 2025

Modified: Sep 4, 2025

PUBLISHED

CVSS v3.1

5.5

MEDIUM

Description

NVIDIA Cumulus Linux and NVOS products contain a vulnerability, where hashed user passwords are not properly suppressed in log files, potentially disclosing information to unauthorized users.

Vendor	Product	Versions
NVIDIA	NVOS	affected `NVOS 25.02.21xx, 25.02.22xx, 25.02.23xx`
NVIDIA	Cumulus Linux	affected `Cumulus Linux 5.12, 5.11, 5.10, 5.9 and older`
NVIDIA	NVOS	affected `NVOS 25.02.3xxx`

Weaknesses (CWE)

CVSS v3.1 Details

CVSS v3.1 Vector

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

Attack Vector

Local

Attack Complexity

Low

Privileges Required

Low

User Interaction

None

Scope

Unchanged

Confidentiality

High

Integrity

None

Availability

None

References

https://nvd.nist.gov/vuln/detail/CVE-2025-23261

https://www.cve.org/CVERecord?id=CVE-2025-23261

https://nvidia.custhelp.com/app/answers/detail/a_id/5655

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.