CVE-2025-2402

CVE-2025-2402: KNIME Business Hub Hardcoded Password Vulnerability

Description:

A hard-coded, non-random password exists for the object store (MinIO) within KNIME Business Hub (all versions except patched versions). This allows an unauthenticated remote attacker who possesses the password to:

  • Read and manipulate swapped jobs.
  • Read and manipulate input/output data of active jobs.
  • Cause a denial-of-service (DoS) by writing large amounts of data to the object store.

Severity:

  • CVSS v3.1 Score: 8.8 (High)
  • Vector: AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H

Known Exploit:

Attackers can leverage the hardcoded MinIO password to gain unauthorized access to the object store. This access allows them to directly manipulate job data, potentially leading to data breaches, workflow disruption, or complete system compromise. The DoS can be triggered by overwhelming the object store with excessive data.

Remediation/Mitigation Strategy:

Primary Remediation:

  • Upgrade: Immediately upgrade KNIME Business Hub to one of the following versions or later:
    • 1.13.2
    • 1.12.3
    • 1.11.3
    • 1.10.3

Mitigation (If immediate upgrade is not possible):

  • Due to the nature of the vulnerability, there are no viable workarounds other than upgrading.
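Since upgrading is the only remediation, the practical first step is to find every KNIME Business Hub instance whose version is still below the patched release for its line. The script below is an added example, not code from the advisory or from KNIME; it encodes the four patched versions listed above and assumes three-part numeric version strings, that release lines newer than 1.13 are "later" than 1.13.2 and therefore fixed, and that lines older than 1.10 never received a backport and are therefore affected.

```python
"""Triage KNIME Business Hub versions against CVE-2025-2402.

Added example (not from the advisory or from KNIME). It encodes the patched
versions the advisory lists: 1.13.2, 1.12.3, 1.11.3, 1.10.3 "or later".
Assumptions: versions are MAJOR.MINOR.PATCH; release lines newer than 1.13
(1.14.x, 2.x, ...) are treated as fixed because they are later than 1.13.2;
release lines older than 1.10 are treated as affected (no fix listed for them).
"""
from __future__ import annotations

# Patched release per maintained release line, taken from the advisory.
FIXED_BY_LINE: dict[tuple[int, int], int] = {
    (1, 13): 2,
    (1, 12): 3,
    (1, 11): 3,
    (1, 10): 3,
}
NEWEST_FIXED_LINE = max(FIXED_BY_LINE)  # (1, 13)


def parse_version(text: str) -> tuple[int, int, int]:
    """Parse 'MAJOR.MINOR.PATCH' (a leading 'v' is tolerated) into ints."""
    parts = text.strip().lstrip("v").split(".")
    if len(parts) != 3 or not all(p.isdigit() for p in parts):
        raise ValueError(f"unsupported version string: {text!r}")
    major, minor, patch = (int(p) for p in parts)
    return major, minor, patch


def is_affected(version: str) -> bool:
    """True if this version still ships the hard-coded MinIO password."""
    major, minor, patch = parse_version(version)
    line = (major, minor)
    if line in FIXED_BY_LINE:
        # Same release line: fixed once the patch level reaches the listed one.
        return patch < FIXED_BY_LINE[line]
    if line > NEWEST_FIXED_LINE:
        return False  # assumption: lines after 1.13 include the fix
    return True       # assumption: lines before 1.10 have no patched release


def triage(versions: list[str]) -> dict[str, str]:
    """Map each inventory entry to 'affected', 'fixed' or 'unparseable'."""
    result: dict[str, str] = {}
    for v in versions:
        try:
            result[v] = "affected" if is_affected(v) else "fixed"
        except ValueError:
            # Tags like 'latest' cannot be triaged; surface them for follow-up.
            result[v] = "unparseable"
    return result


if __name__ == "__main__":
    # Constructed sample inventory, not real hosts.
    inventory = ["1.13.1", "1.13.2", "1.12.3", "1.11.2", "1.9.5", "1.14.0", "latest"]
    for ver, status in triage(inventory).items():
        print(f"{ver:>8}: {status}")
```

Entries reported as "unparseable" (for example a container tag such as `latest`) should be resolved to a concrete version before being treated as fixed; the script deliberately refuses to guess.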

Long-Term Security Practices:

  • Vulnerability Scanning: Implement regular vulnerability scanning to identify and address security weaknesses promptly.
  • Secure Configuration: Ensure proper security configurations are implemented for all components, avoiding hardcoded credentials.
  • Access Control: Implement and enforce the principle of least privilege, granting users only the necessary access rights.
  • Security Awareness Training: Conduct security awareness training for all personnel to educate them about potential threats and best practices.
  • Incident Response Plan: Maintain a documented incident response plan to effectively handle security incidents.

Date

  • Published Date: 2025-03-31 06:11:40
  • Updated Date: 2025-03-31 13:15:43
