CVE-2025-64323
Severity: MEDIUM
kgateway <= 2.0.4 and 2.1.0-agw-cel-rbac through 2.1.0-rc.2 - Unauthenticated Sensitive Data Exposure via xDS Port
Title source: llmDescription
kgateway is a Cloud-Native API and AI Gateway built on Envoy. In versions 2.0.4 and below, and in 2.1.0-agw-cel-rbac through 2.1.0-rc.2, the control plane's xDS port (the gRPC endpoint from which the managed Envoy proxies pull their configuration) accepts connections without any authentication. Any client with network access to that port can therefore retrieve potentially sensitive configuration data, including certificate data, backend service information, routing rules, and cluster metadata. The issue is fixed in versions 2.0.5 and 2.1.0; until an upgrade is possible, restrict network reachability of the xDS port to the gateway proxies that legitimately need it.
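A network-level mitigation for clusters that cannot upgrade immediately, as an added example that is not part of this advisory or of the kgateway project's own manifests. It assumes the control plane runs in the namespace `kgateway-system` with the pod label `kgateway: kgateway`, serves xDS on TCP 9977, and that the Envoy proxies it manages carry the label `gateway.networking.k8s.io/gateway-name`; all four are assumptions to verify against your deployment (for example with `kubectl get pods,svc -n kgateway-system --show-labels`).

```yaml
# Added example (not from the advisory or kgateway): allow only the Envoy
# proxies managed by kgateway to reach the control plane's xDS port.
# Namespace, labels and port are assumptions; check them before applying.
apiVersion: networking.k8s.io/v1
kind: NetworkPolicy
metadata:
  name: kgateway-xds-proxies-only
  namespace: kgateway-system            # assumed control-plane namespace
spec:
  podSelector:
    matchLabels:
      kgateway: kgateway                # assumed control-plane pod label
  policyTypes:
    - Ingress
  ingress:
    # namespaceSelector {} matches every namespace; combined with the
    # podSelector in the same "from" entry it means "proxy pods in any
    # namespace", not "any pod in any namespace".
    - from:
        - namespaceSelector: {}
          podSelector:
            matchExpressions:
              - key: gateway.networking.k8s.io/gateway-name   # assumed proxy label
                operator: Exists
      ports:
        - protocol: TCP
          port: 9977                    # assumed xDS (grpc-xds) port
```

Because `policyTypes: [Ingress]` turns every ingress not listed into a deny, add further rules for any other ports the control plane serves (metrics, health checks) before applying this in a cluster. The policy only takes effect with a CNI that enforces NetworkPolicy, and it does not replace the fix: it narrows who can reach the port, while 2.0.5 and 2.1.0 stop the port from answering unauthenticated clients at all.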
References (4)
Vendor Advisory: https://github.com/kgateway-dev/kgateway/security/advisories/GHSA-4766-x535-jw3r
Issue Tracking: https://github.com/kgateway-dev/kgateway/issues/10651
Issue Tracking: https://github.com/kgateway-dev/kgateway/pull/12471
Issue Tracking: https://github.com/kgateway-dev/kgateway/pull/12535
Scores
CVSS v3: 5.3 (Medium)
CVSS vector: CVSS:3.1/AV:A/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N
Attack Vector: ADJACENT_NETWORK
EPSS: 0.0016 (percentile 6.0%)
CISA SSVC (Vulnrichment)
Exploitation: none
Automatable: no
Technical Impact: partial
Details
CWE: CWE-862 (Missing Authorization)
Status: published
Products (3)
kgateway-dev/kgateway (Go): 2.1.0-agw-cel-rbac - 2.1.0
kgateway-dev/kgateway: < 2.0.5
kgateway-dev/kgateway: >= 2.1.0-agw-cel-rbac, < 2.1.0
Published: Nov 07, 2025
Tracked Since: Feb 18, 2026