OpenBao Privileged Operator Identity Group Root Escalation
Description
OpenBao is an open source identity-based secrets management system. Prior to version 2.4.4, a privileged operator could use the identity group subsystem to attach the root policy to an identity group, escalating their own or another user's permissions in the system. Specifically, this is an issue when an operator in the root namespace has access to the identity/groups endpoints but does not have policy access. Otherwise, an operator with policy access could already create or modify an existing policy to grant root-equivalent permissions through the sudo capability. This issue has been patched in version 2.4.4.
Affected packages
Versions sourced from the GitHub Security Advisory.
| Package | Affected versions | Patched versions |
|---|---|---|
| github.com/openbao/openbao (Go) | < 2.4.4 | 2.4.4 |
Affected products
Package URLs (GHSA coordinates, 4 versions; no CPE assigned):
- pkg:golang/github.com/openbao/openbao (no CPE) range: < 2.4.4
- pkg:rpm/opensuse/govulncheck-vulndb&distro=openSUSE%20Leap%2015.6 (no CPE) range: < 0.0.20251209T172047-150000.1.127.1
- pkg:rpm/opensuse/openbao&distro=openSUSE%20Tumbleweed (no CPE) range: < 2.4.4-1.1
- pkg:rpm/suse/govulncheck-vulndb&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Package%20Hub%2015%20SP6 (no CPE) range: < 0.0.20251209T172047-150000.1.127.1
References
- github.com/advisories/GHSA-7ff4-jw48-3436 (advisory)
- nvd.nist.gov/vuln/detail/CVE-2025-64761 (advisory)
- github.com/openbao/openbao/commit/16bb0ccd37a502930a289d434cbe4e7b4edd66e5 (fix commit)
- github.com/openbao/openbao/commit/747a1378c2756f86296ad9450f74f6faeecc2eb7 (fix commit)
- github.com/openbao/openbao/pull/2143 (pull request)
- github.com/openbao/openbao/releases/tag/v2.4.4 (release)
- github.com/openbao/openbao/security/advisories/GHSA-7ff4-jw48-3436 (vendor advisory)