Ollama <= 0.9.6 Cross-Domain Token Exposure

Medium severity, Nessus Plugin ID 250293

Synopsis

The Ollama instance installed on the remote host is affected by a cross-domain token exposure vulnerability.

Description

The version of Ollama installed on the remote host is 0.9.6 or earlier. It is, therefore, affected by a cross-domain token exposure vulnerability in server.auth.getAuthorizationToken: in Ollama 0.9.6, a malicious realm value in a WWW-Authenticate header returned by the /api/pull endpoint allows remote attackers to steal authentication tokens and bypass access controls.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.

Solution

See the vendor advisory.

See Also

https://github.com/advisories/GHSA-x9hg-5q6g-q3jr

Plugin Details

Severity: Medium

ID: 250293

File Name: ollama_0_9_6.nasl

Version: 1.1

Type: local

Agent: windows, macosx, unix

Published: 8/15/2025

Updated: 8/15/2025

Configuration: Enable thorough checks (optional)

Supported Sensors: Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.1

Vector: CVSS2#AV:N/AC:H/Au:N/C:C/I:P/A:N

CVSS Score Source: CVE-2025-51471

CVSS v3

Risk Factor: Medium

Base Score: 6.9

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:L/A:N

Vulnerability Information

CPE: cpe:/a:ollama:ollama

Required KB Items: installed_sw/Ollama

Vulnerability Publication Date: 7/22/2025

Reference Information

CVE: CVE-2025-51471

IAVB: 2025-B-0137