CVE-2025-41240
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-07-24

Last updated on: 2025-07-25

Assigner: VMware

Description
Three Bitnami Helm charts mount Kubernetes Secrets under a predictable path (/opt/bitnami/*/secrets) that is located within the web server document root. In affected versions, this can lead to unauthenticated access to sensitive credentials via HTTP/S. A remote attacker could retrieve these secrets by accessing specific URLs if the application is exposed externally. The issue affects deployments using the default value of usePasswordFiles=true, which mounts secrets as files into the container filesystem.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-07-24
Last Modified
2025-07-25
Generated
2026-05-27
AI Q&A
2025-07-24
EPSS Evaluated
2026-05-25
NVD
CVE-2025-41240
Affected Vendors & Products
Showing 6 associated CPEs
Vendor Product Version / Range
bitnami appsmith 5.2.0
bitnami drupal <22.0.4
bitnami wordpress 24.2.0
bitnami drupal 21.2.0
bitnami wordpress <25.0.4
bitnami appsmith <6.0.19
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-552 The product makes files or directories accessible to unauthorized actors, even though they should not be.
Attack-Flow Graph
AI Powered Q&A
Can you explain this vulnerability to me?

This vulnerability affects three Bitnami Helm charts (appsmith, drupal, and wordpress) that mount Kubernetes Secrets under a predictable file path (/opt/bitnami/*/secrets) within the web server document root. Because of this, sensitive credentials stored as files can be accessed remotely without authentication via HTTP/S if the application is exposed externally. The issue arises when the default setting usePasswordFiles=true is used, which mounts secrets as files inside the container filesystem, making them accessible through predictable URLs. [1]


How can this vulnerability impact me? :

This vulnerability can lead to unauthorized remote attackers retrieving sensitive credentials without any authentication. This can compromise the confidentiality, integrity, and availability of the affected system, potentially allowing attackers to gain further access or disrupt services. The vulnerability has a critical CVSS score of 10.0, indicating a severe impact if exploited. [1]


How can this vulnerability be detected on my network or system? Can you suggest some commands?

You can detect this vulnerability by checking if your Bitnami Helm chart deployments (appsmith, drupal, wordpress) expose the /opt/bitnami/*/secrets path via HTTP/S. For example, you can use curl or wget commands to attempt to access URLs like http(s)://<your-app-domain>/opt/bitnami/<app>/secrets to see if sensitive files are accessible without authentication. Additionally, inspecting your Helm chart versions and configuration for usePasswordFiles=true can help identify vulnerable deployments. [1]


What immediate steps should I take to mitigate this vulnerability?

Immediate mitigation steps include upgrading your Bitnami Helm charts to the first unaffected versions: wordpress to 25.0.4 or later, appsmith to 6.0.19 or later, and drupal to 22.0.4 or later. As a workaround, you can set usePasswordFiles=false in your Helm chart values to prevent mounting secrets as files and instead use environment variables. Additionally, applying web server or ingress access restrictions to block access to the /opt/bitnami/*/secrets path can prevent unauthorized retrieval of secrets. [1]


Ask Our AI Assistant
Need more information? Ask your question to get an AI reply (Powered by our expertise)
0/70
EPSS Chart