Authentication Bypass Vulnerability in Apache Kylin Affects Users
CVE-2025-61733

7.5HIGH

Key Information:

Vendor: Apache
Status: Apache Kylin
Vendor: CVE Published:; 2 October 2025

What is CVE-2025-61733?

An authentication bypass vulnerability in Apache Kylin allows unauthorized access through alternative paths or channels. This flaw is present in versions 4.0.0 through 5.0.2 of Apache Kylin. To mitigate this risk, users are advised to upgrade to version 5.0.3, which addresses and resolves this security issue effectively.

Affected Version(s)

Apache Kylin 4.0.0 <= 5.0.2

References

https://lists.apache.org/thread/8wmcffly6gp50nmfw8j4w3hlm...

vendor-advisory

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Oct 2, 2025
Vulnerability Reserved
Sep 30, 2025

Credit

liuhuajin <[email protected]>

JSON