Cloud Vulnerability DB
An open project to list all known cloud vulnerabilities and Cloud Service Provider security issues
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
High-profile threat •
Vulnerability DatabaseCVE-2025-34026
CVE-2025-34026:
Versa concerto vulnerability analysis and mitigation
Overview
The Versa Concerto SD-WAN orchestration platform contains a critical authentication bypass vulnerability in the Traefik reverse proxy configuration, identified as CVE-2025-34026. This vulnerability affects Concerto versions from 12.1.2 through 12.2.0, with additional versions potentially vulnerable. The vulnerability was discovered in early 2025 and publicly disclosed on May 21, 2025 (ProjectDiscovery Blog, NVD).
Technical details
The vulnerability stems from improper handling of the X-Real-Ip header in the Spring Boot Actuator endpoints. The authentication bypass occurs when attackers manipulate the Connection header to drop the X-Real-Ip header before request forwarding, effectively bypassing security checks. The vulnerability has received a CVSS v4.0 score of 9.2 CRITICAL with vector string CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:N/VA:N/SC:H/SI:L/SA:N (ProjectDiscovery Blog, Wiz).
Impact
When exploited, this vulnerability allows attackers to access administrative endpoints without proper authentication. Specifically, attackers can access heap dumps and trace logs through the internal Actuator endpoint, potentially exposing sensitive information including plain text credentials and user session tokens. This access can be leveraged to gain administrative privileges in the appliance (ProjectDiscovery Blog, Hacker News).
Mitigation and workarounds
Organizations can implement temporary mitigations at the reverse proxy or WAF level: 1) Block requests containing semicolons in URL paths, and 2) Drop requests where the Connection header contains the value X-Real-Ip. Versa Networks has released a patch in Concerto version 12.2.1 GA on April 16, 2025 (ProjectDiscovery Blog, Hacker News).
Community reactions
The vulnerability disclosure process faced challenges with delayed vendor response. Despite multiple follow-ups over 90 days, researchers received limited communication regarding patches. The security community has expressed concern about the severity of the vulnerability chain and its potential impact on enterprise networks (ProjectDiscovery Blog, Hacker News).
Additional resources
Source: This report was generated using AI
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Get a personalized demo
Ready to see Wiz in action?
“Best User Experience I have ever seen, provides full visibility to cloud workloads.”
David EstlickCISO
“Wiz provides a single pane of glass to see what is going on in our cloud environments.”
Adam FletcherChief Security Officer
“We know that if Wiz identifies something as critical, it actually is.”
Greg PoniatowskiHead of Threat and Vulnerability Management