Security Advisory

CVE-2025-8868

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2025-09-29 11:29:50

Last updated 2025-09-29 12:55:02

Assigner ProgressSoftware

State PUBLISHED

Description

In Progress Chef Automate, versions earlier than 4.13.295, on Linux x86 platform, an authenticated attacker can gain access to Chef Automate restricted functionality in the compliance service via improperly neutralized inputs used in an SQL command using a well-known token.

← Browse all CVEs View on cve.org ↗