KNIME Business Hub Authentication Bypass Vulnerability Allowing Message Injection and Reading

Vulnerability

A vulnerability exists in KNIME Business Hub versions prior to 1.18.0, stemming from an authentication bypass flaw in the Apache Artemis messaging broker it uses. It allows users with normal privileges and the ability to execute workflows to read all internal messages exchanged via the broker and to inject new messages. Because Apache Artemis is not exposed externally, exploitation requires at least normal user privileges. Such users can install and register a federated mirror without authentication, gaining access to internal messages and the ability to inject new ones.

Impact

Exploitation of this vulnerability allows for unauthorized reading and injection of messages within the Apache Artemis broker used by KNIME Business Hub, potentially leading to unauthorized communication or data manipulation.

Remediation

Users are advised to update to KNIME Business Hub versions 1.18.0, 1.17.4, 1.16.3, or 1.15.2, all of which include the patched version of Apache Artemis.
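The remediation lists one fixed version per maintenance branch, so an inventory check has to compare against the fix in the installed version's own branch rather than against 1.18.0 alone. The following is an added example, not KNIME's code: it encodes the fixed versions stated above (1.18.0, 1.17.4, 1.16.3, 1.15.2), reports whether a given KNIME Business Hub version is still affected, and names the upgrade target for that branch. The version strings in the sample inventory are constructed for illustration.

```python
"""Branch-aware version check for the KNIME Business Hub / Apache Artemis advisory.

Added example (not KNIME's own tooling). Fixed versions are those stated in the
advisory's remediation text; anything else below is an assumption for illustration.
"""
from __future__ import annotations

import re
from typing import Optional, Tuple

Version = Tuple[int, int, int]

# Fixed release per maintenance branch, from the advisory's remediation section.
FIXED_BY_BRANCH = {
    (1, 15): (1, 15, 2),
    (1, 16): (1, 16, 3),
    (1, 17): (1, 17, 4),
}
# Branches without a listed backport (e.g. 1.14.x) must move to the first fixed mainline release.
LATEST_FIXED: Version = (1, 18, 0)

_VERSION_RE = re.compile(r"v?(\d+)\.(\d+)\.(\d+)(?:[-+].*)?")


def parse_version(text: str) -> Version:
    """Parse 'MAJOR.MINOR.PATCH' (optional leading 'v', optional '-suffix' or '+build')."""
    m = _VERSION_RE.fullmatch(text.strip())
    if not m:
        raise ValueError(f"unrecognised version string: {text!r}")
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)


def is_affected(version: str) -> bool:
    """True when the installed version predates the fix for its own branch."""
    v = parse_version(version)
    branch = (v[0], v[1])
    if branch in FIXED_BY_BRANCH:
        return v < FIXED_BY_BRANCH[branch]
    # No backported fix for this branch: only 1.18.0 or later carries the patched Artemis.
    return v < LATEST_FIXED


def recommended_target(version: str) -> Optional[str]:
    """Smallest advised upgrade for an affected version, or None when already fixed."""
    if not is_affected(version):
        return None
    v = parse_version(version)
    target = FIXED_BY_BRANCH.get((v[0], v[1]), LATEST_FIXED)
    return ".".join(str(n) for n in target)


def triage(inventory: dict[str, str]) -> dict[str, str]:
    """Map each affected host name to the version it should be moved to."""
    return {
        host: target
        for host, ver in inventory.items()
        if (target := recommended_target(ver)) is not None
    }


if __name__ == "__main__":
    # Constructed sample inventory: host -> installed KNIME Business Hub version.
    sample = {
        "hub-prod-a": "1.17.3",
        "hub-prod-b": "1.17.4",
        "hub-staging": "1.14.9",
        "hub-dev": "1.19.0",
    }
    for host, target in triage(sample).items():
        print(f"{host}: affected, upgrade to {target}")
```

Versions in a branch with a listed backport are compared against that backport; every other pre-1.18.0 release is reported as affected, since the advisory names no fix for it.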

Added: Mar 24, 2026, 9:22 AM
Updated: Mar 24, 2026, 9:22 AM

Vulnerability Rating

Custom Algorithm

Category         Score
spread           0.0
impact           5.0
exploitability   3.5
remediation      0.0
relevance        4.6
threat           0.0
urgency          5.7
incentive        0.0

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.