关键漏洞信息 漏洞标识 CVE编号: CVE-2025-2181 产品: Checkov by Prisma Cloud 漏洞描述 类型: Cleartext Exposure of Credentials 影响: Sensitive information disclosure vulnerability in Palo Alto Networks Checkov by Prisma® Cloud can result in the cleartext exposure of Prisma Cloud access keys in Checkov's output. 严重性和紧急性 严重性: LOW (Severity 2 - LOW) 紧急性: MODERATE 影响版本 受影响版本: = 3.2.449 利用状态 利用难度: LOW CVSS评分: - CVSS-BT: 2.0 /CVSS-B: 5.9 (CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:A/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber) - CVSS-BT: 1.7 /CVSS-B: 5.1 (CVSS:4.0/AV:L/AC:L/AT:N/PR:L/UI:P/VC:H/VI:N/VA:N/SC:L/SI:L/SA:L/E:U/AU:N/R:U/V:D/RE:M/U:Amber) 弱点类型和影响 弱点类型: CWE-312 Cleartext Storage of Sensitive Information 攻击模式: CAPEC-37 Retrieve Embedded Sensitive Data 解决方案 建议升级到: 3.2.449 or later 时间线 初始发布日期: 2025-08-14