CVE-2025-2787 (GCVE-0-2025-2787)
Vulnerability from cvelistv5 – Published: 2025-03-26 21:08 – Updated: 2025-04-08 20:34
VLAI?
Summary
KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.
Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub:
* 1.13.3 or above
* 1.12.4 or above
* 1.11.4 or above
* 1.10.4 or above
*
Severity ?
CWE
- CWE-94 - Improper Control of Generation of Code ('Code Injection')
Assigner
References
Impacted products
| Vendor | Product | Version | ||
|---|---|---|---|---|
| KNIME | KNIME Business Hub |
Affected:
1.13.0 , ≤ 1.13.2
(semver)
Affected: 1.12.0 , ≤ 1.12.3 (semver) Affected: 1.11.0 , ≤ 1.11.3 (semver) Affected: 0 , ≤ 1.10.3 (semver) |
{
"containers": {
"adp": [
{
"metrics": [
{
"other": {
"content": {
"id": "CVE-2025-2787",
"options": [
{
"Exploitation": "none"
},
{
"Automatable": "no"
},
{
"Technical Impact": "total"
}
],
"role": "CISA Coordinator",
"timestamp": "2025-03-27T13:23:10.416717Z",
"version": "2.0.3"
},
"type": "ssvc"
}
}
],
"problemTypes": [
{
"descriptions": [
{
"cweId": "CWE-94",
"description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
"lang": "en",
"type": "CWE"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-04-08T20:34:43.840Z",
"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
"shortName": "CISA-ADP"
},
"title": "CISA ADP Vulnrichment"
}
],
"cna": {
"affected": [
{
"defaultStatus": "unaffected",
"product": "KNIME Business Hub",
"vendor": "KNIME",
"versions": [
{
"lessThanOrEqual": "1.13.2",
"status": "affected",
"version": "1.13.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.12.3",
"status": "affected",
"version": "1.12.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.11.3",
"status": "affected",
"version": "1.11.0",
"versionType": "semver"
},
{
"lessThanOrEqual": "1.10.3",
"status": "affected",
"version": "0",
"versionType": "semver"
}
]
}
],
"descriptions": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eKNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.13.3 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.12.4 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.11.4 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.10.4 or above\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e"
}
],
"value": "KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\n\n\n\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \n\n\n\n * 1.13.3 or above \n\n\n\n\n\n\n * 1.12.4 or above \n\n\n\n\n\n\n * 1.11.4 or above \n\n\n\n\n\n\n * 1.10.4 or above\n\n\n\n\n\n\n\n\n *"
}
],
"metrics": [
{
"cvssV4_0": {
"Automatable": "NO",
"Recovery": "USER",
"Safety": "NOT_DEFINED",
"attackComplexity": "LOW",
"attackRequirements": "NONE",
"attackVector": "NETWORK",
"baseScore": 8.7,
"baseSeverity": "HIGH",
"privilegesRequired": "LOW",
"providerUrgency": "AMBER",
"subAvailabilityImpact": "NONE",
"subConfidentialityImpact": "LOW",
"subIntegrityImpact": "LOW",
"userInteraction": "NONE",
"valueDensity": "CONCENTRATED",
"vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber",
"version": "4.0",
"vulnAvailabilityImpact": "HIGH",
"vulnConfidentialityImpact": "HIGH",
"vulnIntegrityImpact": "HIGH",
"vulnerabilityResponseEffort": "MODERATE"
},
"format": "CVSS",
"scenarios": [
{
"lang": "en",
"value": "GENERAL"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2025-03-31T06:12:58.928Z",
"orgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e",
"shortName": "KNIME"
},
"references": [
{
"url": "https://www.knime.com/security-advisory-cve-2025-2787"
}
],
"source": {
"discovery": "UPSTREAM"
},
"title": "Ingress-nginx vulnerability in KNIME Business Hub",
"workarounds": [
{
"lang": "en",
"supportingMedia": [
{
"base64": false,
"type": "text/html",
"value": "\u003cdiv\u003eFor a workaround see \u003ca target=\"_blank\" rel=\"nofollow\" href=\"https://www.knime.com/security-advisory-cve-2025-2787\"\u003ehttps://www.knime.com/security-advisory-cve-2025-2787\u003c/a\u003e.\u003c/div\u003e\u003cbr\u003e"
}
],
"value": "For a workaround see https://www.knime.com/security-advisory-cve-2025-2787 ."
}
],
"x_generator": {
"engine": "Vulnogram 0.2.0"
}
}
},
"cveMetadata": {
"assignerOrgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e",
"assignerShortName": "KNIME",
"cveId": "CVE-2025-2787",
"datePublished": "2025-03-26T21:08:08.461Z",
"dateReserved": "2025-03-25T12:49:37.982Z",
"dateUpdated": "2025-04-08T20:34:43.840Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2025-2787\",\"sourceIdentifier\":\"security@knime.com\",\"published\":\"2025-03-26T21:15:23.167\",\"lastModified\":\"2025-10-08T17:19:11.350\",\"vulnStatus\":\"Analyzed\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\\n\\n\\n\\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \\n\\n\\n\\n * 1.13.3 or above \\n\\n\\n\\n\\n\\n\\n * 1.12.4 or above \\n\\n\\n\\n\\n\\n\\n * 1.11.4 or above \\n\\n\\n\\n\\n\\n\\n * 1.10.4 or above\\n\\n\\n\\n\\n\\n\\n\\n\\n *\"},{\"lang\":\"es\",\"value\":\"KNIME Business Hub se ve afectado por la vulnerabilidad Ingress-nginx CVE-2025-1974 (tambi\u00e9n conocida como IngressNightmare), que afecta al componente ingress-nginx. En el peor de los casos, es posible que el cl\u00faster de Kubernetes se apodere completamente de \u00e9l. Dado que el componente afectado solo es accesible desde dentro del cl\u00faster, es decir, requiere un usuario autenticado, la gravedad en el contexto de KNIME Business Hub es ligeramente menor. Adem\u00e1s de aplicar los workarounds conocidos, recomendamos encarecidamente actualizar a una de las siguientes versiones de KNIME Business Hub: * 1.13.3 o superior * 1.12.4 o superior * 1.11.4 o superior * 1.10.4 o superior *\"}],\"metrics\":{\"cvssMetricV40\":[{\"source\":\"security@knime.com\",\"type\":\"Secondary\",\"cvssData\":{\"version\":\"4.0\",\"vectorString\":\"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber\",\"baseScore\":8.7,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"attackRequirements\":\"NONE\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"vulnConfidentialityImpact\":\"HIGH\",\"vulnIntegrityImpact\":\"HIGH\",\"vulnAvailabilityImpact\":\"HIGH\",\"subConfidentialityImpact\":\"LOW\",\"subIntegrityImpact\":\"LOW\",\"subAvailabilityImpact\":\"NONE\",\"exploitMaturity\":\"NOT_DEFINED\",\"confidentialityRequirement\":\"NOT_DEFINED\",\"integrityRequirement\":\"NOT_DEFINED\",\"availabilityRequirement\":\"NOT_DEFINED\",\"modifiedAttackVector\":\"NOT_DEFINED\",\"modifiedAttackComplexity\":\"NOT_DEFINED\",\"modifiedAttackRequirements\":\"NOT_DEFINED\",\"modifiedPrivilegesRequired\":\"NOT_DEFINED\",\"modifiedUserInteraction\":\"NOT_DEFINED\",\"modifiedVulnConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedVulnIntegrityImpact\":\"NOT_DEFINED\",\"modifiedVulnAvailabilityImpact\":\"NOT_DEFINED\",\"modifiedSubConfidentialityImpact\":\"NOT_DEFINED\",\"modifiedSubIntegrityImpact\":\"NOT_DEFINED\",\"modifiedSubAvailabilityImpact\":\"NOT_DEFINED\",\"Safety\":\"NOT_DEFINED\",\"Automatable\":\"NO\",\"Recovery\":\"USER\",\"valueDensity\":\"CONCENTRATED\",\"vulnerabilityResponseEffort\":\"MODERATE\",\"providerUrgency\":\"AMBER\"}}],\"cvssMetricV31\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.1\",\"vectorString\":\"CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H\",\"baseScore\":8.8,\"baseSeverity\":\"HIGH\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"LOW\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"HIGH\",\"integrityImpact\":\"HIGH\",\"availabilityImpact\":\"HIGH\"},\"exploitabilityScore\":2.8,\"impactScore\":5.9}]},\"weaknesses\":[{\"source\":\"134c704f-9b21-4f2e-91b3-4a467353bcc0\",\"type\":\"Secondary\",\"description\":[{\"lang\":\"en\",\"value\":\"CWE-94\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.10.0\",\"versionEndExcluding\":\"1.10.4\",\"matchCriteriaId\":\"0D2BD1DD-BE57-4CB0-A8DD-63E2885D95DF\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.11.0\",\"versionEndExcluding\":\"1.11.4\",\"matchCriteriaId\":\"86A92FC4-D6CF-4736-9932-FFD4CA7A07BA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.12.0\",\"versionEndExcluding\":\"1.12.4\",\"matchCriteriaId\":\"655A33C9-C973-43D5-A4F7-CAC44756672A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*\",\"versionStartIncluding\":\"1.13.0\",\"versionEndExcluding\":\"1.13.3\",\"matchCriteriaId\":\"2BA35652-95D4-4F37-9A60-7F1EB87885CE\"}]}]}],\"references\":[{\"url\":\"https://www.knime.com/security-advisory-cve-2025-2787\",\"source\":\"security@knime.com\",\"tags\":[\"Vendor Advisory\",\"Mitigation\"]}]}}",
"vulnrichment": {
"containers": "{\"cna\": {\"affected\": [{\"defaultStatus\": \"unaffected\", \"product\": \"KNIME Business Hub\", \"vendor\": \"KNIME\", \"versions\": [{\"lessThanOrEqual\": \"1.13.2\", \"status\": \"affected\", \"version\": \"1.13.0\", \"versionType\": \"semver\"}, {\"lessThanOrEqual\": \"1.12.3\", \"status\": \"affected\", \"version\": \"1.12.0\", \"versionType\": \"semver\"}, {\"lessThanOrEqual\": \"1.11.3\", \"status\": \"affected\", \"version\": \"1.11.0\", \"versionType\": \"semver\"}, {\"lessThanOrEqual\": \"1.10.3\", \"status\": \"affected\", \"version\": \"0\", \"versionType\": \"semver\"}]}], \"descriptions\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003e\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cdiv\u003e\u003cp\u003eKNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cp\u003eBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \u003c/p\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.13.3 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.12.4 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.11.4 or above \u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003cdiv\u003e\u003cul\u003e\u003cli\u003e\u003cp\u003e1.10.4 or above\u003c/p\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003cul\u003e\u003cli\u003e\u003cbr\u003e\u003c/li\u003e\u003c/ul\u003e\u003c/div\u003e\u003c/div\u003e\u003c/div\u003e\"}], \"value\": \"KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\\n\\n\\n\\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \\n\\n\\n\\n * 1.13.3 or above \\n\\n\\n\\n\\n\\n\\n * 1.12.4 or above \\n\\n\\n\\n\\n\\n\\n * 1.11.4 or above \\n\\n\\n\\n\\n\\n\\n * 1.10.4 or above\\n\\n\\n\\n\\n\\n\\n\\n\\n *\"}], \"metrics\": [{\"cvssV4_0\": {\"Automatable\": \"NO\", \"Recovery\": \"USER\", \"Safety\": \"NOT_DEFINED\", \"attackComplexity\": \"LOW\", \"attackRequirements\": \"NONE\", \"attackVector\": \"NETWORK\", \"baseScore\": 8.7, \"baseSeverity\": \"HIGH\", \"privilegesRequired\": \"LOW\", \"providerUrgency\": \"AMBER\", \"subAvailabilityImpact\": \"NONE\", \"subConfidentialityImpact\": \"LOW\", \"subIntegrityImpact\": \"LOW\", \"userInteraction\": \"NONE\", \"valueDensity\": \"CONCENTRATED\", \"vectorString\": \"CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber\", \"version\": \"4.0\", \"vulnAvailabilityImpact\": \"HIGH\", \"vulnConfidentialityImpact\": \"HIGH\", \"vulnIntegrityImpact\": \"HIGH\", \"vulnerabilityResponseEffort\": \"MODERATE\"}, \"format\": \"CVSS\", \"scenarios\": [{\"lang\": \"en\", \"value\": \"GENERAL\"}]}], \"providerMetadata\": {\"orgId\": \"296541fb-a0e3-4ca7-ab3d-683e666d143e\", \"shortName\": \"KNIME\", \"dateUpdated\": \"2025-03-31T06:12:58.928Z\"}, \"references\": [{\"url\": \"https://www.knime.com/security-advisory-cve-2025-2787\"}], \"source\": {\"discovery\": \"UPSTREAM\"}, \"title\": \"Ingress-nginx vulnerability in KNIME Business Hub\", \"workarounds\": [{\"lang\": \"en\", \"supportingMedia\": [{\"base64\": false, \"type\": \"text/html\", \"value\": \"\u003cdiv\u003eFor a workaround see \u003ca target=\\\"_blank\\\" rel=\\\"nofollow\\\" href=\\\"https://www.knime.com/security-advisory-cve-2025-2787\\\"\u003ehttps://www.knime.com/security-advisory-cve-2025-2787\u003c/a\u003e.\u003c/div\u003e\u003cbr\u003e\"}], \"value\": \"For a workaround see https://www.knime.com/security-advisory-cve-2025-2787 .\"}], \"x_generator\": {\"engine\": \"Vulnogram 0.2.0\"}}, \"adp\": [{\"title\": \"CISA ADP Vulnrichment\", \"metrics\": [{\"other\": {\"type\": \"ssvc\", \"content\": {\"id\": \"CVE-2025-2787\", \"role\": \"CISA Coordinator\", \"options\": [{\"Exploitation\": \"none\"}, {\"Automatable\": \"no\"}, {\"Technical Impact\": \"total\"}], \"version\": \"2.0.3\", \"timestamp\": \"2025-03-27T13:23:10.416717Z\"}}}], \"problemTypes\": [{\"descriptions\": [{\"lang\": \"en\", \"type\": \"CWE\", \"cweId\": \"CWE-94\", \"description\": \"CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)\"}]}], \"providerMetadata\": {\"orgId\": \"134c704f-9b21-4f2e-91b3-4a467353bcc0\", \"shortName\": \"CISA-ADP\", \"dateUpdated\": \"2025-03-27T13:25:29.740Z\"}}]}",
"cveMetadata": "{\"cveId\": \"CVE-2025-2787\", \"assignerOrgId\": \"296541fb-a0e3-4ca7-ab3d-683e666d143e\", \"state\": \"PUBLISHED\", \"assignerShortName\": \"KNIME\", \"dateReserved\": \"2025-03-25T12:49:37.982Z\", \"datePublished\": \"2025-03-26T21:08:08.461Z\", \"dateUpdated\": \"2025-04-08T20:34:43.840Z\"}",
"dataType": "CVE_RECORD",
"dataVersion": "5.1"
}
}
}
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…