Apache NiFi Security Flaw Exposes MongoDB Credentials
Security Advisory
A security vulnerability, CVE-2025-27017, has been identified in Apache NiFi.
These events retain usernames/passwords used for MongoDB authentication, violating credential isolation principles.
| OEM | Apache |
| Severity | Medium |
| CVSS | 6.9 |
| CVEs | CVE-2025-27017 |
| Exploited in Wild | No |
| Patch/Remediation Available | Yes |
| Advisory Version | 1.0 |
Overview
A widely used data flow automation tool which allows unauthorized access to MongoDB credentials stored in provenance events. The Versions are affected from v1.13.0 to v2.2.0. In v2.3.0 the issue has been addressed.
| Vulnerability Name | CVE ID | Product Affected | Severity |
| Apache NiFi Credential Exposure | CVE-2025-27017 | Apache NiFi | Medium |
Technical Summary
The vulnerability stems from Apache NiFi’s inclusion of MongoDB usernames and passwords in provenance event records.
Any authorized user with read access to these records can extract credentials information, leading to potential unauthorized access to MongoDB databases.
| CVE ID | System Affected | Vulnerability Details | Impact |
| CVE-2025-27017 | Apache NiFi 1.13.0 – 2.2.0 | MongoDB credentials are stored in provenance events, allowing unauthorized extraction by users with read access. | Unauthorized access to MongoDB databases, potential data breaches. |
Remediation:
- Upgrade to Apache NiFi 2.3.0: The latest version removes credentials from provenance events, mitigating the vulnerability.
General Recommendations:
- Restrict access to provenance data: Ensure only authorized personnel can view provenance records.
- Rotate MongoDB credentials: If affected versions were in use, change database credentials to prevent unauthorized access.
- Conduct security audits: Regularly review system logs and access controls to identify any unauthorized access attempts.
Conclusion:
This vulnerability poses a risk to organizations using Apache NiFi for data processing workflows involving MongoDB. Immediate action is recommended to upgrade to version 2.3.0 or later, restrict access to provenance data, and rotate credentials to mitigate any potential exposure. Organizations should implement stringent security measures to protect against similar vulnerabilities in the future.
This security flaw is particularly concerning because provenance events play a crucial role in auditing and monitoring data flows within NiFi. If left unpatched, this vulnerability could result in data breaches, unauthorized modifications, or even complete database compromise.
References: