CVE-2025-2181 MEDIUM

CVE-2025-2181: Checkov by Prisma Cloud: Cleartext Exposure of Credentials

Vendor Palo Alto Networks
Product Checkov by Prisma Cloud
Weakness CWE-312 · Cleartext storage
Published August 13, 2025
Last update August 13, 2025

CVSS base score

5.9/10
Attack vector Network
Attack complexity Low
Privileges required None
User interaction
Confidentiality
Integrity

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/AU:N/R:U/V:D/RE:M/U:Amber

What the vulnerability does

01Description

A sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output.

Key dates

02Disclosure timeline

August 13, 2025 CVE published
August 13, 2025 Record updated