Unauthenticated Access in Bitnami PostgreSQL Docker Image and Helm Chart
CVE-2025-22248

9.4CRITICAL

Key Information:

Vendor: Vmware
Status: Bitnami
Vendor: CVE Published:; 13 May 2025

What is CVE-2025-22248?

The Bitnami PostgreSQL Docker image and PostgreSQL HA Helm chart have a significant security flaw that allows unauthorized access. By default, these configurations include a 'repmgr' user that permits unauthenticated connections to the database within the cluster. The PGPOOL_SR_CHECK_USER, which Pgpool utilizes for streaming replication checks, is misconfigured at a trust level, exposing the database to potential intrusions. If the Pgpool service is accessible externally, attackers can leverage this vulnerability to gain unauthorized access, compromising the integrity and confidentiality of the database.

Affected Version(s)

Bitnami *

References

https://github.com/bitnami/charts/security/advisories/GHS...

CVSS V4

Score:

9.4

Severity:

CRITICAL

Confidentiality:

High

Integrity:

High

Availability:

High

Attack Vector:

Adjacent Network

Attack Complexity:

Low

Attack Required:

None

Privileges Required:

Undefined

User Interaction:

None

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
May 13, 2025
Vulnerability Reserved
Jan 2, 2025

Vmware

What is CVE-2025-22248?

Affected Version(s)

References

CVSS V4

Timeline