Unrated severityNVD Advisory· Published Sep 1, 2025· Updated Sep 2, 2025
Knowage vulnerable to server-side request forgery
CVE-2025-55007
Description
Knowage is an open source analytics and business intelligence suite. Prior to version 8.1.37, Knowage is vulnerable to server-side request forgery. The vulnerability allows attackers to send requests to arbitrary hosts/paths. Since the attacker is not able to read the response, the impact of this vulnerability is limited. However, an attacker could be able to leverage this vulnerability to scan the internal network. This issue has been patched in version 8.1.37.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2- Range: <8.1.37
- Range: < 8.1.37
Patches
Vulnerability mechanics
References
1- github.com/KnowageLabs/Knowage-Server/security/advisories/GHSA-7f6m-ph57-52w6mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.