FKIE_CVE-2025-2787

Vulnerability from fkie_nvd - Published: 2025-03-26 21:15 - Updated: 2025-10-08 17:19
Severity ?
8.8 (High) - CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Summary
KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower. Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: * 1.13.3 or above * 1.12.4 or above * 1.11.4 or above * 1.10.4 or above *
References
security@knime.comhttps://www.knime.com/security-advisory-cve-2025-2787Mitigation, Vendor Advisory
Impacted products
Vendor Product Version
knime business_hub *
knime business_hub *
knime business_hub *
knime business_hub *
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "0D2BD1DD-BE57-4CB0-A8DD-63E2885D95DF",
              "versionEndExcluding": "1.10.4",
              "versionStartIncluding": "1.10.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "86A92FC4-D6CF-4736-9932-FFD4CA7A07BA",
              "versionEndExcluding": "1.11.4",
              "versionStartIncluding": "1.11.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "655A33C9-C973-43D5-A4F7-CAC44756672A",
              "versionEndExcluding": "1.12.4",
              "versionStartIncluding": "1.12.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2BA35652-95D4-4F37-9A60-7F1EB87885CE",
              "versionEndExcluding": "1.13.3",
              "versionStartIncluding": "1.13.0",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\n\n\n\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \n\n\n\n  *  1.13.3 or above \n\n\n\n\n\n\n  *  1.12.4 or above \n\n\n\n\n\n\n  *  1.11.4 or above \n\n\n\n\n\n\n  *  1.10.4 or above\n\n\n\n\n\n\n\n\n  *"
    },
    {
      "lang": "es",
      "value": "KNIME Business Hub se ve afectado por la vulnerabilidad Ingress-nginx CVE-2025-1974 (tambi\u00e9n conocida como IngressNightmare), que afecta al componente ingress-nginx. En el peor de los casos, es posible que el cl\u00faster de Kubernetes se apodere completamente de \u00e9l. Dado que el componente afectado solo es accesible desde dentro del cl\u00faster, es decir, requiere un usuario autenticado, la gravedad en el contexto de KNIME Business Hub es ligeramente menor. Adem\u00e1s de aplicar los workarounds conocidos, recomendamos encarecidamente actualizar a una de las siguientes versiones de KNIME Business Hub: * 1.13.3 o superior * 1.12.4 o superior * 1.11.4 o superior * 1.10.4 o superior *"
    }
  ],
  "id": "CVE-2025-2787",
  "lastModified": "2025-10-08T17:19:11.350",
  "metrics": {
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "HIGH",
          "baseScore": 8.8,
          "baseSeverity": "HIGH",
          "confidentialityImpact": "HIGH",
          "integrityImpact": "HIGH",
          "privilegesRequired": "LOW",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
          "version": "3.1"
        },
        "exploitabilityScore": 2.8,
        "impactScore": 5.9,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ],
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NO",
          "Recovery": "USER",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.7,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "AMBER",
          "subAvailabilityImpact": "NONE",
          "subConfidentialityImpact": "LOW",
          "subIntegrityImpact": "LOW",
          "userInteraction": "NONE",
          "valueDensity": "CONCENTRATED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "HIGH",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "MODERATE"
        },
        "source": "security@knime.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-03-26T21:15:23.167",
  "references": [
    {
      "source": "security@knime.com",
      "tags": [
        "Mitigation",
        "Vendor Advisory"
      ],
      "url": "https://www.knime.com/security-advisory-cve-2025-2787"
    }
  ],
  "sourceIdentifier": "security@knime.com",
  "vulnStatus": "Analyzed",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
      "type": "Secondary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.