CVE-2025-59060

MEDIUM LAB

Apache Ranger <=2.7.0 - Auth Bypass

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 1 public exploit for CVE-2025-59060. PoCs published by exploitintel.

AI-analyzed exploit summary This repository contains a functional exploit PoC for CVE-2025-59060, demonstrating a TLS hostname verification bypass in Apache Ranger. The PoC includes multiple vectors (Python and Java) to show how an attacker can bypass hostname verification by presenting a crafted certificate chain.

Description

Hostname verification bypass issue in Apache Ranger NiFiRegistryClient/NiFiClient is reported in Apache Ranger versions <= 2.7.0. Users are recommended to upgrade to version 2.8.0, which fixes this issue.

Exploits (1)

github WORKING POC 1 stars
by exploitintel · pythonpoc
https://github.com/exploitintel/eip-pocs-and-cves/tree/main/CVE-2025-59060

This repository contains a functional exploit PoC for CVE-2025-59060, demonstrating a TLS hostname verification bypass in Apache Ranger. The PoC includes multiple vectors (Python and Java) to show how an attacker can bypass hostname verification by presenting a crafted certificate chain.

Classification
Working Poc 100%
Attack Type
Auth Bypass
Complexity
Moderate
Reliability
Reliable
Target: Apache Ranger ≤ 2.7.0
No auth needed
Prerequisites: Docker with Docker Compose · Python 3 · Maven dependencies · JDK
devstral-2 · analyzed Mar 04, 2026 Full analysis →

References (2)

Core 2

Scores

CVSS v3 5.3
EPSS 0.0010
EPSS Percentile 28.3%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N

CISA SSVC

Vulnrichment
Exploitation none
Automatable yes
Technical Impact partial

Lab Environment

EIP LAB Lab screenshot
vulnerable docker pull ghcr.io/exploitintel/cve-2025-59060-vulnerable:latest

Details

CWE
CWE-297
Status published
Products (2)
apache/ranger < 2.8.0
org.apache.ranger/ranger-nifi-registry-plugin 0 - 2.8.0Maven
Published Mar 03, 2026
Tracked Since Mar 03, 2026