{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2787", "assignerOrgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e", "state": "PUBLISHED", "assignerShortName": "KNIME", "dateReserved": "2025-03-25T12:49:37.982Z", "datePublished": "2025-03-26T21:08:08.461Z", "dateUpdated": "2025-04-08T20:34:43.840Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "KNIME Business Hub", "vendor": "KNIME", "versions": [{"lessThanOrEqual": "1.13.2", "status": "affected", "version": "1.13.0", "versionType": "semver"}, {"lessThanOrEqual": "1.12.3", "status": "affected", "version": "1.12.0", "versionType": "semver"}, {"lessThanOrEqual": "1.11.3", "status": "affected", "version": "1.11.0", "versionType": "semver"}, {"lessThanOrEqual": "1.10.3", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div><div><p></p></div><div><div><div><p>KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.</p></div><div><p>Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: </p></div><div><ul><li><p>1.13.3 or above </p></li></ul></div><div><ul><li><p>1.12.4 or above </p></li></ul></div><div><ul><li><p>1.11.4 or above </p></li></ul></div><div><ul><li><p>1.10.4 or above</p></li></ul></div></div><ul><li><br></li></ul></div></div></div>"}], "value": "KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\n\n\n\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \n\n\n\n * 1.13.3 or above \n\n\n\n\n\n\n * 1.12.4 or above \n\n\n\n\n\n\n * 1.11.4 or above \n\n\n\n\n\n\n * 1.10.4 or above\n\n\n\n\n\n\n\n\n *"}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e", "shortName": "KNIME", "dateUpdated": "2025-03-31T06:12:58.928Z"}, "references": [{"url": "https://www.knime.com/security-advisory-cve-2025-2787"}], "source": {"discovery": "UPSTREAM"}, "title": "Ingress-nginx vulnerability in KNIME Business Hub", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>For a workaround see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.knime.com/security-advisory-cve-2025-2787\">https://www.knime.com/security-advisory-cve-2025-2787</a>.</div><br>"}], "value": "For a workaround see https://www.knime.com/security-advisory-cve-2025-2787 ."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"problemTypes": [{"descriptions": [{"type": "CWE", "cweId": "CWE-94", "lang": "en", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-03-27T13:23:10.416717Z", "id": "CVE-2025-2787", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-04-08T20:34:43.840Z"}}]}}

{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-2787", "assignerOrgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e", "state": "PUBLISHED", "assignerShortName": "KNIME", "dateReserved": "2025-03-25T12:49:37.982Z", "datePublished": "2025-03-26T21:08:08.461Z", "dateUpdated": "2025-04-08T20:34:43.840Z"}, "containers": {"cna": {"affected": [{"defaultStatus": "unaffected", "product": "KNIME Business Hub", "vendor": "KNIME", "versions": [{"lessThanOrEqual": "1.13.2", "status": "affected", "version": "1.13.0", "versionType": "semver"}, {"lessThanOrEqual": "1.12.3", "status": "affected", "version": "1.12.0", "versionType": "semver"}, {"lessThanOrEqual": "1.11.3", "status": "affected", "version": "1.11.0", "versionType": "semver"}, {"lessThanOrEqual": "1.10.3", "status": "affected", "version": "0", "versionType": "semver"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div><div><div><p></p></div><div><div><div><p>KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.</p></div><div><p>Besides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: </p></div><div><ul><li><p>1.13.3 or above </p></li></ul></div><div><ul><li><p>1.12.4 or above </p></li></ul></div><div><ul><li><p>1.11.4 or above </p></li></ul></div><div><ul><li><p>1.10.4 or above</p></li></ul></div></div><ul><li><br></li></ul></div></div></div>"}], "value": "KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\n\n\n\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \n\n\n\n * 1.13.3 or above \n\n\n\n\n\n\n * 1.12.4 or above \n\n\n\n\n\n\n * 1.11.4 or above \n\n\n\n\n\n\n * 1.10.4 or above\n\n\n\n\n\n\n\n\n *"}], "metrics": [{"cvssV4_0": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.7, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "format": "CVSS", "scenarios": [{"lang": "en", "value": "GENERAL"}]}], "providerMetadata": {"orgId": "296541fb-a0e3-4ca7-ab3d-683e666d143e", "shortName": "KNIME", "dateUpdated": "2025-03-31T06:12:58.928Z"}, "references": [{"url": "https://www.knime.com/security-advisory-cve-2025-2787"}], "source": {"discovery": "UPSTREAM"}, "title": "Ingress-nginx vulnerability in KNIME Business Hub", "workarounds": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<div>For a workaround see <a target=\"_blank\" rel=\"nofollow\" href=\"https://www.knime.com/security-advisory-cve-2025-2787\">https://www.knime.com/security-advisory-cve-2025-2787</a>.</div><br>"}], "value": "For a workaround see https://www.knime.com/security-advisory-cve-2025-2787 ."}], "x_generator": {"engine": "Vulnogram 0.2.0"}}, "adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-2787", "role": "CISA Coordinator", "options": [{"Exploitation": "none"}, {"Automatable": "no"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-03-27T13:23:10.416717Z"}}}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-94", "description": "CWE-94 Improper Control of Generation of Code ('Code Injection')"}]}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-03-27T13:25:29.740Z"}}]}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*", "matchCriteriaId": "0D2BD1DD-BE57-4CB0-A8DD-63E2885D95DF", "versionEndExcluding": "1.10.4", "versionStartIncluding": "1.10.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*", "matchCriteriaId": "86A92FC4-D6CF-4736-9932-FFD4CA7A07BA", "versionEndExcluding": "1.11.4", "versionStartIncluding": "1.11.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*", "matchCriteriaId": "655A33C9-C973-43D5-A4F7-CAC44756672A", "versionEndExcluding": "1.12.4", "versionStartIncluding": "1.12.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:knime:business_hub:*:*:*:*:*:*:*:*", "matchCriteriaId": "2BA35652-95D4-4F37-9A60-7F1EB87885CE", "versionEndExcluding": "1.13.3", "versionStartIncluding": "1.13.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "KNIME Business Hub is affected by the Ingress-nginx CVE-2025-1974 ( a.k.a IngressNightmare ) vulnerability which affects the ingress-nginx component. In the worst case a complete takeover of the Kubernetes cluster is possible. Since the affected component is only reachable from within the cluster, i.e. requires an authenticated user, the severity in the context of KNIME Business Hub is slightly lower.\n\n\n\nBesides applying the publicly known workarounds, we strongly recommend updating to one of the following versions of KNIME Business Hub: \n\n\n\n * 1.13.3 or above \n\n\n\n\n\n\n * 1.12.4 or above \n\n\n\n\n\n\n * 1.11.4 or above \n\n\n\n\n\n\n * 1.10.4 or above\n\n\n\n\n\n\n\n\n *"}, {"lang": "es", "value": "KNIME Business Hub se ve afectado por la vulnerabilidad Ingress-nginx CVE-2025-1974 (tambi\u00e9n conocida como IngressNightmare), que afecta al componente ingress-nginx. En el peor de los casos, es posible que el cl\u00faster de Kubernetes se apodere completamente de \u00e9l. Dado que el componente afectado solo es accesible desde dentro del cl\u00faster, es decir, requiere un usuario autenticado, la gravedad en el contexto de KNIME Business Hub es ligeramente menor. Adem\u00e1s de aplicar los workarounds conocidos, recomendamos encarecidamente actualizar a una de las siguientes versiones de KNIME Business Hub: * 1.13.3 o superior * 1.12.4 o superior * 1.11.4 o superior * 1.10.4 o superior *"}], "id": "CVE-2025-2787", "lastModified": "2025-10-08T17:19:11.350", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NO", "Recovery": "USER", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.7, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "NOT_DEFINED", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "LOW", "providerUrgency": "AMBER", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "LOW", "subIntegrityImpact": "LOW", "userInteraction": "NONE", "valueDensity": "CONCENTRATED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:L/SI:L/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:N/R:U/V:C/RE:M/U:Amber", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "MODERATE"}, "source": "security@knime.com", "type": "Secondary"}]}, "published": "2025-03-26T21:15:23.167", "references": [{"source": "security@knime.com", "tags": ["Vendor Advisory", "Mitigation"], "url": "https://www.knime.com/security-advisory-cve-2025-2787"}], "sourceIdentifier": "security@knime.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-94"}], "source": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "type": "Secondary"}]}

{}