Base Score

MEDIUM6.9

CVE-2025-51471

Cross-Domain Token Exposure in server.auth.getAuthorizationToken in Ollama 0.6.7 allows remote attackers to steal authentication tokens and bypass access controls via a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint.

VectorNETWORK

Published Bycve@mitre.org

Published DateJul 22, 2025, 19:15

Affected Versions(1)

github.com/ollama/ollama(Go)

Introduced0

FixedN/A

LimitN/A

Package (Ecosystem)	Introduced	Fixed	Limit
github.com/ollama/ollama(Go)	0	N/A	N/A

Weakness Type (CWE):CWE-345

CVSS Metrics

Base Score

6.9

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

CHANGED

Confidentiality (C)

HIGH

Integrity (I)

LOW

Availability (A)

NONE

References

Base Score

MEDIUM6.9

Weakness Type (CWE):CWE-345

CVSS Metrics

Base Score

6.9

Vector String

CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Base Severity

MEDIUM

Version

3.1

Attack Vector (AV)

NETWORK

Attack Complexity (AC)

HIGH

Privileges Required (PR)

NONE

User Interaction (UI)

REQUIRED

Scope (S)

CHANGED

Confidentiality (C)

HIGH

Integrity (I)

LOW

Availability (A)

NONE