AI description
CVE-2025-1097 is a security vulnerability found in the ingress-nginx controller for Kubernetes. It stems from the improper sanitization of the `auth-tls-match-cn` Ingress annotation, which can be exploited to inject malicious configurations into Nginx. This vulnerability allows for arbitrary code execution within the context of the ingress-nginx controller. Furthermore, successful exploitation can lead to the disclosure of Secrets accessible to the controller, potentially granting unauthorized access to sensitive information cluster-wide.
- Description
- A security issue was discovered in ingress-nginx https://github.com/kubernetes/ingress-nginx where the `auth-tls-match-cn` Ingress annotation can be used to inject configuration into nginx. This can lead to arbitrary code execution in the context of the ingress-nginx controller, and disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
- Source
- jordan@liggitt.net
- NVD status
- Awaiting Analysis
CVSS 3.1
- Type
- Secondary
- Base score
- 8.8
- Impact score
- 5.9
- Exploitability score
- 2.8
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
- Severity
- HIGH
- jordan@liggitt.net
- CWE-20
- Hype score
- Not currently trending
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/QeoxJBRLwf https://t.co/wwtWqOL4AR
@IT_Peurico
3 Apr 2025
11 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/9Lid64NsNm https://t.co/a9RJUkGLNZ
@NickBla41002745
31 Mar 2025
18 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
#wiz #IngressNightmare #POC #Security CVE-2025-24514 - auth-url injection -- when IsAuthURL = true CVE-2025-1097 - auth-tls-match-cn injection -- when IsAuthTLSMatchCN = true CVE-2025-1098 – mirror UID injection -- when IsMirrorWithUID = true Exps here: https://t.co/V9KzF45OJW
@Skyworship2
30 Mar 2025
556 Impressions
0 Retweets
5 Likes
4 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/UyZeLktPnH
@SeniorHack82173
28 Mar 2025
11 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes
真应该关注一下最近的CVE-2025-1097,直接就是未授权远程RCE类别漏洞 https://t.co/SepblVK5wv
@seclink
28 Mar 2025
700 Impressions
0 Retweets
1 Like
1 Bookmark
0 Replies
0 Quotes
Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes dubbed #IngressNightmare. https://t.co/DKk60FqzHY
@AfricaCERT
27 Mar 2025
23 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨PoC Code to Exploit the IngressNightmare Vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/DifyO9PFuI https://t.co/1wwKpK8hcj
@DarkWebInformer
27 Mar 2025
18614 Impressions
66 Retweets
239 Likes
71 Bookmarks
2 Replies
2 Quotes
IngressNightmare PoC available (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) https://t.co/tWWdrj0eLw
@t3l3machus
27 Mar 2025
944 Impressions
13 Retweets
28 Likes
10 Bookmarks
0 Replies
0 Quotes
My week thanks to CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-29927, CVE-2025-24813....... https://t.co/QM3hlv6IlT
@mruston
26 Mar 2025
48 Impressions
0 Retweets
0 Likes
0 Bookmarks
1 Reply
0 Quotes
Our team has just successfully reproduced the IngressNightmare vulnerability (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, and CVE-2025-1974) and created a custom exploit achieving RCE. It's a Pre-Auth RCE affecting Ingress NGINX that allows complete cluster takeover. We'll htt
@carlos_crowsec
26 Mar 2025
51970 Impressions
164 Retweets
743 Likes
361 Bookmarks
10 Replies
2 Quotes
Safeguard Kubernetes from critical RCE threats (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974). Explore ASPM, remediation strategies, and Phoenix Security insights to secure your NGINX ingress and block advanced attacks. #kubernetes #vulnerability #nginx #aspm https
@sec_phoenix
26 Mar 2025
58 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/ndSChz8g50 https://t.co/VSSptdSAm7
@Trej0Jass
26 Mar 2025
44 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
IngressNightmare: 9.8 Critical Unauthenticated Remote Code Execution Vulnerabilities in Ingress NGINX #IngressNightmare CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 CVE-2025-1974, https://t.co/s8USBfedJJ
@freedomhack101
26 Mar 2025
41 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/0QPPHQeRNI https://t.co/e3UFJ0twAu
@secured_cyber
26 Mar 2025
43 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
💬New Blog Post 👉 IS NGINX IngressNightmare bad? Bad news it is: Critical Remote Code Execution Threats (CVE-2025-1097, CVE-2025-1098, CVE-20 - https://t.co/lXOEuDJdNk
@sec_phoenix
26 Mar 2025
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Five newly disclosed critical vulnerabilities in the Ingress NGINX Controller for Kubernetes—collectively dubbed IngressNightmare — pose a severe remote code execution (RCE) risk to cloud environments. These flaws (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098, and
@cytexsmb
25 Mar 2025
152 Impressions
1 Retweet
2 Likes
0 Bookmarks
2 Replies
2 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/M5466CUVpq https://t.co/kLG5oaB8HP
@pcasano
25 Mar 2025
79 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 CVE-2025-1097 🔴 HIGH (8.8) 🏢 kubernetes - ingress-nginx 🏗️ 0 🔗 https://t.co/x5csZ60HYZ #CyberCron #VulnAlert #InfoSec https://t.co/kx3is1q5pr
@cybercronai
25 Mar 2025
35 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨Patch up your Kubernetes installs. ⚠️ Affected @kubernetesio versions: < v1.11.0 v1.11.0 - 1.11.4 v1.12.0 🦠Vulnerabilities CVE-2025-1974 CVE-2025-1097 CVE-2025-1098 CVE-2025-24514 CVE-2025-24513 https://t.co/zrLTDB2rU4
@gothburz
25 Mar 2025
192 Impressions
0 Retweets
52 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 CRITICAL ALERT: #IngressNightmare - Four critical #RCE vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) in #NGINX Ingress Controller for Kubernetes with #CVSS 9.8 score. This could affect a massive number of environments! https://t.co/aAepuv29JX ht
@CheckmarxZero
25 Mar 2025
400 Impressions
3 Retweets
6 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/mtXaAEWWs5
@SimoKohonen
25 Mar 2025
446 Impressions
2 Retweets
4 Likes
1 Bookmark
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX -- CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/WNhg2vv1BG
@SimoKohonen
25 Mar 2025
3 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX - CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/oHXasXgHCJ
@SimoKohonen
25 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/n4lHTFJokd https://t.co/iNInsgle0s
@Trej0Jass
25 Mar 2025
71 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2025-1097: HIGH] Security alert: Vulnerability found in ingress-nginx allows for injection of code using `auth-tls-match-cn` Ingress annotation. Risk of code execution and Secret disclosure to controller.#cybersecurity,#vulnerability https://t.co/kQDvrJ2KVr https://t.co/6KYz
@CveFindCom
25 Mar 2025
6 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🔴 Múltiples vulnerabilidades recientes de autenticación RCE en NGNIX (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 y CVE-2025-1974) han sido denominadas colectivamente como IngressNightmare. 🧉 https://t.co/sjCbocBglv
@MarquisioX
24 Mar 2025
143 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Vulnerabilidad crítica en NGINX Controller para Kubernetes permite RCE sin autenticación CVE-2025-24513 CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 IngressNightmare https://t.co/HawNQjP6C5 https://t.co/VwLI9zvGT4
@elhackernet
24 Mar 2025
13110 Impressions
76 Retweets
240 Likes
74 Bookmarks
1 Reply
0 Quotes