Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords

The vulnerability stems from Apache NiFi's improper handling of authentication credentials in its provenance event logging functionality. This exposure creates a significant security risk, as compromised database credentials could lead to unauthorized data access, manipulation, or exfiltration of sensitive information stored in MongoDB databases connected to the NiFi instance. For organizations unable to upgrade immediately, implementing strict access controls for provenance data and conducting security audits to detect potential credential exposure are recommended as temporary measures. This vulnerability serves as a reminder of the importance of comprehensive security auditing across all components of data processing systems, particularly focusing on how authentication credentials are handled throughout the application lifecycle.

This Cyber News was published on cybersecuritynews.com. Publication date: Thu, 13 Mar 2025 15:20:36 +0000


Cyber News related to Apache NiFi Vulnerability Let Attackers Access MongoDB Username & Passwords

CVE-2025-27017 - Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. An authorized user with read access to the provenance events of ...
4 days ago