CVE-2025-30205

Summary

CVE-2025-30205 is a vulnerability affecting the kanidim-provision utility in versions prior to 1.2.0. The utility, which helps provision users, groups, and OAuth2 systems using kanidm's API, contains a faulty function instrumentation in optional kanidm patches. This flaw results in admin credentials being leaked to the system log when users provision their `admin` or `idm_admin` account credentials using these patches. Other credentials remain unaffected. To mitigate this issue, users should recompile kanidm with the newest patchset from tag `v1.2.0` or higher. As an interim solution, users can set the log level `KANIDM_LOG_LEVEL` to any level above info (e.g., warn) to prevent the leaked information from being logged.

Prevent cyber attacks with Recorded Future by prioritizing and patching critical vulnerabilities being exploited by threat actors targeting your industry. Book your demo to learn more.