CVE-2025-11240
Unknown Unknown - Not Provided
BaseFortify

Publication date: 2025-10-02

Last updated on: 2025-10-08

Assigner: KNIME AG

Description
An open redirect vulnerability existed in KNIME Business Hub prior to version 1.16.0. An unauthenticated remote attacker could craft a link to a legitimate KNIME Business Hub installation which, when opened by the user, redirects the user to a page of the attackers choice. This might open the possibility for fishing or other similar attacks. The problem has been fixed in KNIME Business Hub 1.16.0.
CVSS Scores
EPSS Scores
Probability:
Percentile:
Meta Information
Published
2025-10-02
Last Modified
2025-10-08
Generated
2026-06-16
AI Q&A
2025-10-02
EPSS Evaluated
2026-06-15
NVD
CVE-2025-11240
Affected Vendors & Products
Showing 1 associated CPE
Vendor Product Version / Range
knime business_hub to 1.16.0 (exc)
Helpful Resources
Exploitability
CWE
CWE Icon
KEV
KEV Icon
CWE ID Description
CWE-601 The web application accepts a user-controlled input that specifies a link to an external site, and uses that link in a redirect.
Attack-Flow Graph
AI Quick Actions
Instant insights powered by AI
Executive Summary

This vulnerability is an open redirect issue in KNIME Business Hub versions prior to 1.16.0. It allows an unauthenticated remote attacker to create a specially crafted link to a legitimate KNIME Business Hub site that, when clicked by a user, redirects them to a web page controlled by the attacker. This can be exploited for phishing or similar attacks.

Impact Analysis

The vulnerability can lead to users being redirected to malicious websites without their knowledge, potentially exposing them to phishing attacks or other harmful activities initiated by attackers.

Mitigation Strategies

The immediate step to mitigate this vulnerability is to upgrade KNIME Business Hub to version 1.16.0 or later, where the open redirect issue has been fixed.

Chat Assistant
Ask questions about this CVE
Hi! I’m here to help you understand CVE-2025-11240. Ask me anything about the vulnerability, its impact, or mitigation strategies.
0/70
EPSS Chart