Skip to main content

Nifi

43 CVEs product

Monthly

CVE-2026-54665 MEDIUM PATCH This Month

Host header injection in Apache NiFi 0.0.1 through 2.9.0 enables network-accessible clients to supply arbitrary values via X-ProxyHost and X-Forwarded-Host HTTP headers, causing the application to construct attacker-controlled qualified URLs used in HTTP redirects and data references. Although NiFi introduced an allowlist-based Host header control (nifi.web.proxy.host) in version 1.6.0, that validation was never extended to the alternative proxy and forwarded headers, leaving a persistent gap across roughly a decade of releases. No public exploit code has been identified at time of analysis and CVE-2026-54665 is not listed in CISA KEV; practical risk centers on open-redirect abuse, link manipulation, and potential bypass of same-origin assumptions rather than direct code execution.

Apache Information Disclosure Nifi
NVD VulDB
CVSS 4.0
6.3
EPSS
0.2%
CVE-2026-44914 HIGH This Week

Authorization bypass in Apache NiFi 1.12.0 through 2.9.0 allows authenticated users with general write access to add Restricted-annotated extension components when replacing Process Groups, despite lacking the explicit Restricted-component privilege. The flaw stems from the framework failing to enforce Restricted-annotation checks during Process Group replacement, effectively letting privileged-component installation bypass its intended authorization boundary. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Apache Authentication Bypass Nifi
NVD VulDB
CVSS 4.0
7.5
EPSS
0.3%
CVE-2026-44913 MEDIUM This Month

SQL injection via improperly escaped MySQL table names in Apache NiFi's CaptureChangeMySQL Processor (versions 1.2.0 through 2.9.0) allows an attacker with MySQL CREATE TABLE access in a monitored database to inject arbitrary SQL commands executed under NiFi's MySQL service credentials. A partial mitigation introduced in 1.8.0 added manual quoted boundaries that narrowed - but did not eliminate - the injection surface; the root flaw persisted for years until full remediation in 2.10.0. No public exploit identified at time of analysis and not listed in CISA KEV; the issue was discovered by Roberto Suggi Liverani of the NATO Cyber Security Centre (NCSC) and disclosed in April 2026.

Apache Code Injection Nifi
NVD VulDB
CVSS 4.0
5.2
EPSS
0.3%
CVE-2026-44911 LOW Monitor

Incorrect authorization enforcement in Apache NiFi 1.15.0 through 2.9.0 allows read-privileged users to submit configuration verification requests containing arbitrary proposed properties, bypassing the write-access requirement. The nifi-web-api REST endpoints for component configuration verification accepted proposed configuration overrides from any authenticated user with read access, enabling those users to invoke predefined verification methods - such as testing connectivity, credentials, or remote service endpoints - with attacker-supplied settings. No public exploit has been identified at time of analysis, and the fix is confirmed available in Apache NiFi 2.10.0.

Apache Authentication Bypass Nifi
NVD VulDB
CVSS 4.0
2.3
EPSS
0.3%
CVE-2025-27017 Maven MEDIUM PATCH This Month

Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apache Nifi
NVD
CVSS 4.0
6.9
EPSS
0.1%
CVE-2024-56512 Maven LOW POC PATCH Monitor

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 4.0
2.1
EPSS
3.1%
CVE-2024-52067 Maven MEDIUM PATCH This Month

Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 4.0
6.9
EPSS
0.7%
CVE-2024-45477 Maven MEDIUM PATCH This Month

Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
CVSS 3.1
4.6
EPSS
0.6%
CVE-2024-37389 Maven MEDIUM PATCH This Month

Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
CVSS 3.1
5.4
EPSS
24.0%
CVE-2023-49145 Maven MEDIUM PATCH This Month

Apache NiFi 0.7.0 through 1.23.2 include the JoltTransformJSON Processor, which provides an advanced configuration user interface that is vulnerable to DOM-based cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
CVSS 3.1
5.4
EPSS
1.2%
CVE-2023-40037 Maven MEDIUM PATCH This Month

Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Authentication Bypass Nifi
NVD
CVSS 3.1
6.5
EPSS
1.5%
CVE-2023-36542 Maven HIGH PATCH This Week

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Apache Nifi
NVD
CVSS 3.1
8.8
EPSS
1.6%
CVE-2023-34468 Maven HIGH POC PATCH THREAT Act Now

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Apache Nifi
NVD GitHub
CVSS 3.1
8.8
EPSS
63.6%
CVE-2023-34212 Maven MEDIUM PATCH This Month

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Deserialization Nifi
NVD
CVSS 3.1
6.5
EPSS
2.4%
CVE-2023-22832 Maven HIGH PATCH This Week

The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
CVSS 3.1
7.5
EPSS
1.4%
CVE-2022-33140 Maven HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple Nifi Nifi Registry
NVD
CVSS 3.1
8.8
EPSS
3.7%
CVE-2022-29265 Maven HIGH PATCH This Week

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
CVSS 3.1
7.5
EPSS
2.4%
CVE-2022-26850 Maven MEDIUM PATCH This Month

When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
4.3
EPSS
1.4%
CVE-2021-44145 Maven MEDIUM PATCH This Month

In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
6.5
EPSS
1.7%
CVE-2021-20190 Maven HIGH PATCH This Week

A flaw was found in jackson-databind before 2.9.10.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Jackson Databind Active Iq Unified Manager Oncommand Api Services Oncommand Insight +4
NVD GitHub
CVSS 3.1
8.1
EPSS
7.5%
CVE-2020-9491 Maven HIGH PATCH This Week

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
7.5
EPSS
2.9%
CVE-2020-9487 Maven HIGH PATCH This Week

In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Nifi
NVD
CVSS 3.1
7.5
EPSS
3.0%
CVE-2020-9486 Maven HIGH PATCH This Week

In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
7.5
EPSS
3.6%
CVE-2020-13940 Maven MEDIUM PATCH This Month

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
CVSS 3.1
5.5
EPSS
1.9%
CVE-2020-1942 Maven HIGH PATCH This Week

In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
7.5
EPSS
3.1%
CVE-2020-1933 Maven MEDIUM PATCH This Month

A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Mozilla Nifi
NVD
CVSS 3.1
6.1
EPSS
2.8%
CVE-2020-1928 Maven MEDIUM PATCH This Month

An information disclosure vulnerability was found in Apache NiFi 1.10.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.1
5.3
EPSS
4.0%
CVE-2019-12421 Maven HIGH PATCH This Week

When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nifi
NVD
CVSS 3.1
8.8
EPSS
1.8%
CVE-2019-10083 Maven MEDIUM PATCH This Month

When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nifi
NVD
CVSS 3.1
5.3
EPSS
2.8%
CVE-2019-10080 Maven MEDIUM PATCH This Month

The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Apache Nifi
NVD
CVSS 3.1
6.5
EPSS
2.3%
CVE-2019-10086 Maven HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization Commons Beanutils Nifi +58
NVD
CVSS 3.1
7.3
EPSS
28.8%
CVE-2018-17195 Maven HIGH PATCH This Week

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Apache Nifi
NVD
CVSS 3.0
7.5
EPSS
0.7%
CVE-2018-17194 Maven HIGH PATCH This Week

When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
CVSS 3.0
7.5
EPSS
3.0%
CVE-2018-17193 Maven MEDIUM PATCH This Month

The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
CVSS 3.0
6.1
EPSS
2.8%
CVE-2018-17192 Maven MEDIUM PATCH This Month

The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
CVSS 3.0
6.5
EPSS
2.7%
CVE-2018-1310 Maven HIGH PATCH This Week

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Deserialization Apache Nifi
NVD
CVSS 3.0
7.5
EPSS
3.2%
CVE-2018-1309 Maven CRITICAL PATCH Act Now

Apache NiFi External XML Entity issue in SplitXML processor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

RCE XXE Information Disclosure Apache Nifi
NVD
CVSS 3.0
9.8
EPSS
4.5%
CVE-2017-5636 Maven CRITICAL PATCH Act Now

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Deserialization Apache Nifi
NVD
CVSS 3.0
9.8
EPSS
1.2%
CVE-2017-5635 Maven HIGH PATCH This Week

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Nifi
NVD
CVSS 3.0
7.5
EPSS
0.5%
CVE-2016-8748 Maven MEDIUM PATCH This Month

In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Nifi
NVD
CVSS 3.0
5.4
EPSS
0.4%
CVE-2017-12623 Maven MEDIUM PATCH This Month

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

XXE Apache Nifi
NVD
CVSS 3.0
6.5
EPSS
0.3%
CVE-2017-7667 Maven HIGH PATCH This Week

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Nifi
NVD
CVSS 3.0
7.5
EPSS
0.4%
CVE-2017-7665 Maven MEDIUM PATCH This Month

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Nifi
NVD
CVSS 3.0
6.1
EPSS
0.9%
EPSS 0% CVSS 6.3
MEDIUM PATCH This Month

Host header injection in Apache NiFi 0.0.1 through 2.9.0 enables network-accessible clients to supply arbitrary values via X-ProxyHost and X-Forwarded-Host HTTP headers, causing the application to construct attacker-controlled qualified URLs used in HTTP redirects and data references. Although NiFi introduced an allowlist-based Host header control (nifi.web.proxy.host) in version 1.6.0, that validation was never extended to the alternative proxy and forwarded headers, leaving a persistent gap across roughly a decade of releases. No public exploit code has been identified at time of analysis and CVE-2026-54665 is not listed in CISA KEV; practical risk centers on open-redirect abuse, link manipulation, and potential bypass of same-origin assumptions rather than direct code execution.

Apache Information Disclosure Nifi
NVD VulDB
EPSS 0% CVSS 7.5
HIGH This Week

Authorization bypass in Apache NiFi 1.12.0 through 2.9.0 allows authenticated users with general write access to add Restricted-annotated extension components when replacing Process Groups, despite lacking the explicit Restricted-component privilege. The flaw stems from the framework failing to enforce Restricted-annotation checks during Process Group replacement, effectively letting privileged-component installation bypass its intended authorization boundary. No public exploit identified at time of analysis and the vulnerability is not listed in CISA KEV.

Apache Authentication Bypass Nifi
NVD VulDB
EPSS 0% CVSS 5.2
MEDIUM This Month

SQL injection via improperly escaped MySQL table names in Apache NiFi's CaptureChangeMySQL Processor (versions 1.2.0 through 2.9.0) allows an attacker with MySQL CREATE TABLE access in a monitored database to inject arbitrary SQL commands executed under NiFi's MySQL service credentials. A partial mitigation introduced in 1.8.0 added manual quoted boundaries that narrowed - but did not eliminate - the injection surface; the root flaw persisted for years until full remediation in 2.10.0. No public exploit identified at time of analysis and not listed in CISA KEV; the issue was discovered by Roberto Suggi Liverani of the NATO Cyber Security Centre (NCSC) and disclosed in April 2026.

Apache Code Injection Nifi
NVD VulDB
EPSS 0% CVSS 2.3
LOW Monitor

Incorrect authorization enforcement in Apache NiFi 1.15.0 through 2.9.0 allows read-privileged users to submit configuration verification requests containing arbitrary proposed properties, bypassing the write-access requirement. The nifi-web-api REST endpoints for component configuration verification accepted proposed configuration overrides from any authenticated user with read access, enabling those users to invoke predefined verification methods - such as testing connectivity, credentials, or remote service endpoints - with attacker-supplied settings. No public exploit has been identified at time of analysis, and the fix is confirmed available in Apache NiFi 2.10.0.

Apache Authentication Bypass Nifi
NVD VulDB
EPSS 0% CVSS 6.9
MEDIUM PATCH This Month

Apache NiFi 1.13.0 through 2.2.0 includes the username and password used to authenticate with MongoDB in the NiFi provenance events that MongoDB components generate during processing. Rated medium severity (CVSS 6.9), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Apache Nifi
NVD
EPSS 3% CVSS 2.1
LOW POC PATCH Monitor

Apache NiFi 1.10.0 through 2.0.0 are missing fine-grained authorization checking for Parameter Contexts, referenced Controller Services, and referenced Parameter Providers, when creating new Process. Rated low severity (CVSS 2.1), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 1% CVSS 6.9
MEDIUM PATCH This Month

Apache NiFi 1.16.0 through 1.28.0 and 2.0.0-M1 through 2.0.0-M4 include optional debug logging of Parameter Context values during the flow synchronization process. Rated medium severity (CVSS 6.9), this vulnerability is low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 1% CVSS 4.6
MEDIUM PATCH This Month

Apache NiFi 1.10.0 through 1.27.0 and 2.0.0-M1 through 2.0.0-M3 support a description field for Parameters in a Parameter Context configuration that is vulnerable to cross-site scripting. Rated medium severity (CVSS 4.6), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
EPSS 24% CVSS 5.4
MEDIUM PATCH This Month

Apache NiFi 1.10.0 through 1.26.0 and 2.0.0-M1 through 2.0.0-M3 support a description field in the Parameter Context configuration that is vulnerable to cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
EPSS 1% CVSS 5.4
MEDIUM PATCH This Month

Apache NiFi 0.7.0 through 1.23.2 include the JoltTransformJSON Processor, which provides an advanced configuration user interface that is vulnerable to DOM-based cross-site scripting. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache XSS Nifi
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

Apache NiFi 1.21.0 through 1.23.0 support JDBC and JNDI JMS access in several Processors and Controller Services with connection URL validation that does not provide sufficient protection against. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Authentication Bypass Nifi
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

Apache NiFi 0.0.2 through 1.22.0 include Processors and Controller Services that support HTTP URL references for retrieving drivers, which allows an authenticated and authorized user to configure a. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

RCE Code Injection Apache +1
NVD
EPSS 64% CVSS 8.8
HIGH POC PATCH THREAT Act Now

The DBCPConnectionPool and HikariCPConnectionPool Controller Services in Apache NiFi 0.0.2 through 1.21.0 allow an authenticated and authorized user to configure a Database URL with the H2 driver. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. Public exploit code available and no vendor patch available.

RCE Code Injection Apache +1
NVD GitHub
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

The JndiJmsConnectionFactoryProvider Controller Service, along with the ConsumeJMS and PublishJMS Processors, in Apache NiFi 1.8.0 through 1.21.0 allow an authenticated and authorized user to. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Deserialization Nifi
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The ExtractCCDAAttributes Processor in Apache NiFi 1.2.0 through 1.19.1 does not restrict XML External Entity references. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
EPSS 4% CVSS 8.8
HIGH PATCH This Week

The optional ShellUserGroupProvider in Apache NiFi 1.10.0 to 1.16.2 and Apache NiFi Registry 0.6.0 to 1.16.2 does not neutralize arguments for group resolution commands, allowing injection of. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Command Injection Apple +2
NVD
EPSS 2% CVSS 7.5
HIGH PATCH This Week

Multiple components in Apache NiFi 0.0.1 to 1.16.0 do not restrict XML External Entity references in the default configuration. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
EPSS 1% CVSS 4.3
MEDIUM PATCH This Month

When creating or updating credentials for single-user access, Apache NiFi wrote a copy of the Login Identity Providers configuration to the operating system temporary directory. Rated medium severity (CVSS 4.3), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

In the TransformXML processor of Apache NiFi before 1.15.1 an authenticated user could configure an XSLT file which, if it included malicious external entity calls, may reveal sensitive information. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 7% CVSS 8.1
HIGH PATCH This Week

A flaw was found in jackson-databind before 2.9.10.7. Rated high severity (CVSS 8.1), this vulnerability is remotely exploitable, no authentication required. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Deserialization Jackson Databind Active Iq Unified Manager +6
NVD GitHub
EPSS 3% CVSS 7.5
HIGH PATCH This Week

In Apache NiFi 1.2.0 to 1.11.4, the NiFi UI and API were protected by mandating TLS v1.2, as well as listening connections established by processors like ListenHTTP, HandleHttpRequest, etc. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

In Apache NiFi 1.0.0 to 1.11.4, the NiFi download token (one-time password) mechanism used a fixed cache size and did not authenticate a request to create a download token, only when attempting to. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Authentication Bypass Nifi
NVD
EPSS 4% CVSS 7.5
HIGH PATCH This Week

In Apache NiFi 1.10.0 to 1.11.4, the NiFi stateless execution engine produced log output which included sensitive property values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 2% CVSS 5.5
MEDIUM PATCH This Month

In Apache NiFi 1.0.0 to 1.11.4, the notification service manager and various policy authorizer and user group provider objects allowed trusted administrators to inadvertently configure a potentially. Rated medium severity (CVSS 5.5), this vulnerability is no authentication required, low attack complexity. No vendor patch available.

Apache XXE Nifi
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

In Apache NiFi 0.0.1 to 1.11.0, the flow fingerprint factory generated flow fingerprints which included sensitive property descriptor values. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 3% CVSS 6.1
MEDIUM PATCH This Month

A XSS vulnerability was found in Apache NiFi 1.0.0 to 1.10.0. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Mozilla +1
NVD
EPSS 4% CVSS 5.3
MEDIUM PATCH This Month

An information disclosure vulnerability was found in Apache NiFi 1.10.0. Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 2% CVSS 8.8
HIGH PATCH This Week

When using an authentication mechanism other than PKI, when the user clicks Log Out in NiFi versions 1.0.0 to 1.9.2, NiFi invalidates the authentication token on the client side but not on the server. Rated high severity (CVSS 8.8), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

Information Disclosure Nifi
NVD
EPSS 3% CVSS 5.3
MEDIUM PATCH This Month

When updating a Process Group via the API in NiFi versions 1.3.0 to 1.9.2, the response to the request includes all of its contents (at the top most level, not recursively). Rated medium severity (CVSS 5.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Information Disclosure Nifi
NVD
EPSS 2% CVSS 6.5
MEDIUM PATCH This Month

The XMLFileLookupService in NiFi versions 1.3.0 to 1.9.2 allowed trusted users to inadvertently configure a potentially malicious XML file. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity. No vendor patch available.

XXE Apache Nifi
NVD
EPSS 29% CVSS 7.3
HIGH PATCH This Week

In Apache Commons Beanutils 1.9.2, a special BeanIntrospector class was added which allows suppressing the ability for an attacker to access the classloader via the class property available on all. Rated high severity (CVSS 7.3), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Deserialization of Untrusted Data vulnerability could allow attackers to execute arbitrary code through malicious serialized objects.

Java Apache Deserialization +60
NVD
EPSS 1% CVSS 7.5
HIGH PATCH This Week

The template upload API endpoint accepted requests from different domain when sent in conjunction with ARP spoofing + man in the middle (MiTM) attack, resulting in a CSRF attack. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required. No vendor patch available.

CSRF Apache Nifi
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

When a client request to a cluster node was replicated to other nodes in the cluster for verification, the Content-Length was forwarded. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Apache Information Disclosure Nifi
NVD
EPSS 3% CVSS 6.1
MEDIUM PATCH This Month

The message-page.jsp error page used the value of the HTTP request header X-ProxyContextPath without sanitization, resulting in a reflected XSS attack. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
EPSS 3% CVSS 6.5
MEDIUM PATCH This Month

The X-Frame-Options headers were applied inconsistently on some HTTP responses, resulting in duplicate or missing security headers. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

XSS Apache Nifi
NVD
EPSS 3% CVSS 7.5
HIGH PATCH This Week

Apache NiFi JMS Deserialization issue because of ActiveMQ client vulnerability. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. No vendor patch available.

Denial Of Service Deserialization Apache +1
NVD
EPSS 5% CVSS 9.8
CRITICAL PATCH Act Now

Apache NiFi External XML Entity issue in SplitXML processor. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This XML External Entity (XXE) vulnerability could allow attackers to read arbitrary files or perform SSRF through XML processing.

RCE XXE Information Disclosure +2
NVD
EPSS 1% CVSS 9.8
CRITICAL PATCH Act Now

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, the proxy chain serialization/deserialization is vulnerable to an injection attack where a carefully crafted username could. Rated critical severity (CVSS 9.8), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Deserialization Apache Nifi
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

In Apache NiFi before 0.7.2 and 1.x before 1.1.2 in a cluster environment, if an anonymous user request is replicated to another node, the originating node identity is used rather than the. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Improper Authentication vulnerability could allow attackers to bypass authentication mechanisms to gain unauthorized access.

Authentication Bypass Apache Nifi
NVD
EPSS 0% CVSS 5.4
MEDIUM PATCH This Month

In Apache NiFi before 1.0.1 and 1.1.x before 1.1.1, there is a cross-site scripting vulnerability in connection details dialog when accessed by an authorized user. Rated medium severity (CVSS 5.4), this vulnerability is remotely exploitable, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Nifi
NVD
EPSS 0% CVSS 6.5
MEDIUM PATCH This Month

An authorized user could upload a template which contained malicious code and accessed sensitive files via an XML External Entity (XXE) attack. Rated medium severity (CVSS 6.5), this vulnerability is remotely exploitable, low attack complexity.

XXE Apache Nifi
NVD
EPSS 0% CVSS 7.5
HIGH PATCH This Week

Apache NiFi before 0.7.4 and 1.x before 1.3.0 need to establish the response header telling browsers to only allow framing with the same origin. Rated high severity (CVSS 7.5), this vulnerability is remotely exploitable, no authentication required, low attack complexity.

Apache Information Disclosure Nifi
NVD
EPSS 1% CVSS 6.1
MEDIUM PATCH This Month

In Apache NiFi before 0.7.4 and 1.x before 1.3.0, there are certain user input components in the UI which had been guarding for some forms of XSS issues but were insufficient. Rated medium severity (CVSS 6.1), this vulnerability is remotely exploitable, no authentication required, low attack complexity. This Cross-Site Scripting (XSS) vulnerability could allow attackers to inject malicious scripts into web pages viewed by other users.

XSS Apache Nifi
NVD

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy