CVE-2025-22248

13.05.2025, 10:15

The bitnami/pgpoolDocker image, and the bitnami/postgres-hak8s chart, under default configurations, comes with an 'repmgr' user that allows unauthenticated access to the database inside the cluster.The PGPOOL_SR_CHECK_USERis the user that Pgpool itself uses to perform streaming replication checks against nodes, and should not be at trustlevel. This allows to log into a PostgreSQL database using the repgmruser without authentication. If Pgpool is exposed externally, a potential attacker could use this user to get access to the service. This is also present within the bitnami/postgres-haKubernetes Helm chart.

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	7.5 HIGH	NETWORK	LOW	NONE	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
vmware	CNA	---				---
CISA-ADP	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 24%

Vendor	Product	Version
broadcom	bitnami	𝑥 < 16.0.0
broadcom	bitnami\/pgpool	𝑥 < 4.6.0-1

𝑥

= Vulnerable software versions

Common Weakness Enumeration

CWE-1188 - Insecure Default Initialization of Resource
The software initializes or sets a resource with a default that is intended to be changed by the administrator, but the default is not secure.

References

https://github.com/bitnami/charts/security/advisories/GHSA-mx38-x658-5fwj