CNNVD-202509-044 Information

CNNVD ID

CNNVD-202509-044

Related CVE

CVE-2025-55007

• CNNVD Published: 2025-09-01

Description (Chinese)

Knowage是意大利Knowage公司的一套用于在传统资源和大数据系统上进行现代业务分析的开源套件。 Knowage 8.1.37之前版本存在代码问题漏洞，该漏洞源于服务端请求伪造，可能导致扫描内部网络。

Description (English)

Knowage is an open source package for modern business analysis on traditional resources and large data systems of Knowage Italy. Prior to Knowage 8.1.37, there was a code problem loophole, which originated in a service-end request for forgery and could lead to scanning the internal network.

Hazard Level

Critical

Vulnerability Type

代码问题

Affected Vendor

Knowage

Published

2025-09-01

Last Modified

2026-02-24

References

https://github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7f6m-ph57-52w6 https://nvd.nist.gov/vuln/detail/CVE-2025-55007 https://access.redhat.com/security/cve/cve-2025-55007

Patch

https://github.com/KnowageLabs/Knowage-Server/releases