Home > Vulnerability Database > CVE-2025-2598

Mend.io Vulnerability Database

CVE-2025-2598

Good to know:

Date: March 21, 2025

When the AWS Cloud Development Kit (AWS CDK) Command Line Interface (AWS CDK CLI) is used with a credential plugin which returns an expiration property with the retrieved AWS credentials, the credentials are printed to the console output. To mitigate this issue, users should upgrade to version 2.178.2 or later and ensure any forked or derivative code is patched to incorporate the new fixes.

Severity Score

5.5

Related Resources (6)

Url: https://aws.amazon.com/security/security-bulletins/AWS-2025-005

Url: https://github.com/aws/aws-cdk/security/advisories/GHSA-v63m-x9r9-8gqp

Url: https://aws.amazon.com/security/security-bulletins/AWS-2025-005/

Url: https://github.com/aws/aws-cdk

Url: https://nvd.nist.gov/vuln/detail/CVE-2025-2598

Url: https://www.mend.io/vulnerability-database/CVE-2025-2598

Severity Score

5.5

Weakness Type (CWE)

Exposure of Sensitive System Information to an Unauthorized Control Sphere

CWE-497

Top Fix

Upgrade Version

Upgrade to version aws-cdk - 2.178.2;cdk - 2.178.2;cdk - 2.178.2;https://github.com/aws/aws-cdk.git - v2.178.2

Learn More

CVSS v3.1

Base Score:	5.5
Attack Vector (AV):	LOCAL
Attack Complexity (AC):	LOW
Privileges Required (PR):	LOW
User Interaction (UI):	NONE
Scope (S):	UNCHANGED
Confidentiality (C):	HIGH
Integrity (I):	NONE
Availability (A):	NONE

Mend.io Vulnerability Database

We found results for “”

CVE-2025-2598

Good to know:

Date: March 21, 2025

Severity Score

Related Resources (6)

Severity Score

Weakness Type (CWE)

Top Fix

Upgrade Version

CVSS v3.1

Do you need more information?