CVE-2025-1974

Published Mar 25, 2025

Last updated a day ago

CVSS critical 9.8
Kubernetes
IngressNightmare
NGINX

Overview

AI description

Generated using AI and has not been reviewed by Intruder. May contain errors.

CVE-2025-1974 is a vulnerability within the Ingress NGINX Controller for Kubernetes, specifically affecting the admission controller component. This flaw falls under a group of vulnerabilities collectively known as "IngressNightmare." The vulnerability arises because the admission controllers are accessible over the network without authentication. By sending a malicious ingress object directly to the admission controller, an attacker can inject arbitrary NGINX configurations. This results in code execution on the Ingress NGINX Controller's pod, potentially granting unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster, which could lead to a complete cluster takeover.

Description
A security issue was discovered in Kubernetes where under certain conditions, an unauthenticated attacker with access to the pod network can achieve arbitrary code execution in the context of the ingress-nginx controller. This can lead to disclosure of Secrets accessible to the controller. (Note that in the default installation, the controller can access all Secrets cluster-wide.)
Source: jordan@liggitt.net
NVD status: Received

Risk scores

CVSS 3.1

Type: Secondary
Base score: 9.8
Impact score: 5.9
Exploitability score: 3.9
Vector string: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Severity: CRITICAL

Weaknesses

jordan@liggitt.net
CWE-653

Social media

Hype score is a measure of social media activity compared against trending CVEs from the past 12 months. Max score 100.

Hype score

44

  1. 🚨 Critical vulnerabilities (CVE-2025-1974) in Ingress NGINX Controller threaten Kubernetes, allowing remote code execution. Upgrade urgently to safeguard cloud services like AWS & GCP. 🔒 #Kubernetes #Ingress #USA link: https://t.co/Lpdz9x0l43 https://t.co/rWz91dOXKd

    @TweetThreatNews

    26 Mar 2025

    18 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  2. 🚀🔒 @sysdig : 𝙳𝚎𝚝𝚎𝚌𝚝𝚒𝚗𝚐 𝙰𝚗𝚍 𝙼𝚒𝚝𝚒𝚐𝚊𝚝𝚒𝚗𝚐 IngressNightmare (𝙲𝚅𝙴-2025-1974) 🔒🚀 #cyber_security_insights 💡 𝙾𝚟𝚎𝚛𝚟𝚒𝚎𝚠 : @sysdig latest blog post dives into the IngressNightmare vulnerability (CVE-2025-1974), a critical security flaw impacting https

    @MahRabie

    25 Mar 2025

    59 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  3. Jacob Sandum posted a detailed and well-written PoC for the IngressNightmare (CVE-2025-1974 ) vulnerability found in the Kubernetes ingress-nginx Admission Controller by Wiz (Woogle!): https://t.co/c8Yau94NEx https://t.co/PdOgMYzenQ

    @hdmoore

    25 Mar 2025

    3368 Impressions

    20 Retweets

    40 Likes

    15 Bookmarks

    2 Replies

    0 Quotes

  4. 🚨 CVE-2025-1974 ⚠️🔴 CRITICAL (9.8) 🏒 kubernetes - ingress-nginx 🗝️ 0 🔗 https://https://t.co/lzVXhoTZWB #CyberCron #VulnAlert #InfoSec https://t.co/3hDVI141JR

    @cybercronai

    25 Mar 2025

    46 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  5. CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/M5466CUVpq https://t.co/kLG5oaB8HP

    @pcasano

    25 Mar 2025

    58 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  6. 🚨Patch up your Kubernetes installs. ⚠️ Affected @kubernetesio versions: < v1.11.0 v1.11.0 - 1.11.4 v1.12.0 🦠Vulnerabilities  CVE-2025-1974 CVE-2025-1097  CVE-2025-1098  CVE-2025-24514 CVE-2025-24513 https://t.co/zrLTDB2rU4

    @gothburz

    25 Mar 2025

    139 Impressions

    0 Retweets

    52 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  7. 🚨 CRITICAL ALERT: #IngressNightmare - Four critical #RCE vulnerabilities (CVE-2025-1097, CVE-2025-1098, CVE-2025-24514, CVE-2025-1974) in #NGINX Ingress Controller for Kubernetes with #CVSS 9.8 score. This could affect a massive number of environments! https://t.co/aAepuv29JX ht

    @CheckmarxZero

    25 Mar 2025

    287 Impressions

    2 Retweets

    4 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  8. 🚨 Critical Kubernetes Vulnerability: CVE-2025-1974 in ingress-nginx 🚨 The Kubernetes Security Response Committee has released urgent patches for a set of vulnerabilities in ingress-nginx, affecting over 40% of Kubernetes clusters. https://t.co/IZWQiLBZkZ

    @SecurityJoes

    25 Mar 2025

    96 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  9. Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX: CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/mtXaAEWWs5

    @SimoKohonen

    25 Mar 2025

    382 Impressions

    2 Retweets

    4 Likes

    1 Bookmark

    0 Replies

    0 Quotes

  10. Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX -- CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/WNhg2vv1BG

    @SimoKohonen

    25 Mar 2025

    3 Impressions

    0 Retweets

    2 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  11. Shodan query for IngressNightmare: (9.8 Critical Unauth RCE in Ingress NGINX - CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974) ssl:"nil1" port:8443 https://t.co/oHXasXgHCJ

    @SimoKohonen

    25 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  12. CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, CVE-2025-24513, CVE-2025-24514: Frequently Asked Questions About IngressNightmare https://t.co/n4lHTFJokd https://t.co/iNInsgle0s

    @Trej0Jass

    25 Mar 2025

    65 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  13. Woke up to CVE-2025-1974 in my feed — ingress-nginx has a nasty vulnerability that could expose your Kubernetes cluster to takeover... Here’s what I found, how to patch, and why it matters 👉 https://t.co/yGgFXp71K6 #kubernetes #cve2025 #infosec

    @abhi16_93

    25 Mar 2025

    58 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  14. Ingress-nginx CVE-2025-1974: What You Need to Know - https://t.co/TuWCchYN3U #Kubernetes

    @K8sContributors

    25 Mar 2025

    6877 Impressions

    15 Retweets

    46 Likes

    15 Bookmarks

    5 Replies

    5 Quotes

  15. [CVE-2025-1974: CRITICAL] Critical security vulnerability found in Kubernetes allows unauthenticated attackers to execute code through the ingress-nginx controller, potentially exposing sensitive Secrets. #CyberSe...#cybersecurity,#vulnerability https://t.co/PwdgIH6Gkg https://t.

    @CveFindCom

    25 Mar 2025

    6 Impressions

    0 Retweets

    0 Likes

    0 Bookmarks

    0 Replies

    0 Quotes

  16. 🔴 Multiple recent authentication RCE vulnerabilities in NGINX (CVE-2025-24513, CVE-2025-24514, CVE-2025-1097, CVE-2025-1098 and CVE-2025-1974) have been collectively named IngressNightmare. 🧉 https://t.co/sjCbocBglv

    @MarquisioX

    24 Mar 2025

    143 Impressions

    0 Retweets

    1 Like

    0 Bookmarks

    0 Replies

    0 Quotes

  17. Critical vulnerability in NGINX Controller for Kubernetes allows unauthenticated RCE CVE-2025-24513 CVE-2025-24514 CVE-2025-1097 CVE-2025-1098 CVE-2025-1974 IngressNightmare https://t.co/HawNQjP6C5 https://t.co/VwLI9zvGT4

    @elhackernet

    24 Mar 2025

    13110 Impressions

    76 Retweets

    240 Likes

    74 Bookmarks

    1 Reply

    0 Quotes