CVE-2025-27017
Last modified
CVE-2025-27017 is a medium-severity vulnerability rated 6.9/10 on the CVSS scale. Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials information. EPSS estimates a 1.14% chance of exploitation in the next 30 days.
Description
Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of those processors may see the credentials information. Upgrading to Apache NiFi 2.3.0 is the recommended mitigation, which removes the credentials from provenance event records.
Metrics
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
CVSS:4.0/AV:N/AC:L/AT:P/PR:H/UI:N/VC:H/VI:N/VA:N/SC:H/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:P/AU:Y/R:U/V:C/RE:L/U:Green
Weakness Enumeration
Affected Software
| Vendor | Product | Versions |
|---|---|---|
| Apache | Nifi | >= 1.13.0, < 2.3.0 |
References
- https://lists.apache.org/thread/d4n5474jkhp82dvnht13pjtlfx7bhn5qMailing List, Vendor Advisory
- http://www.openwall.com/lists/oss-security/2025/03/11/1Mailing List, Third Party Advisory
Timeline
- Published
- Last Modified
- Status
- Analyzed
Frequently Asked Questions
What is CVE-2025-27017?
How severe is CVE-2025-27017?
How do I fix CVE-2025-27017?
Are you affected by CVE-2025-27017?
Run a free Strix scan to check your systems for this vulnerability.
Scan your code nowSource: NVD / NIST