CVE-2025-1097

CVSS v2.0

9.0

High

Vector

AV:N/AC:L/Au:S/C:C/I:C/A:C

Name of the Vulnerable Software and Affected Versions ingress-nginx versions prior to 1.11.5 ingress-nginx versions 1.12.0-beta.0 through 1.12.0

Description A security issue exists where the auth-tls-match-cn Ingress annotation can be used to inject configuration into nginx. This may allow a remote attacker to execute arbitrary code within the context of the ingress-nginx controller and disclose Secrets accessible to the controller. In default installations, the controller typically has access to all Secrets cluster-wide.

Recommendations Update to version 1.11.5 or later. Update to version 1.12.1 or later. As a temporary workaround, restrict or avoid using the auth-tls-match-cn annotation.

Exploit

Fix

RCE

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-15CWE-20

Related Identifiers

BDU:2025-05140

BIT-NGINX-INGRESS-CONTROLLER-2025-1097

CVE-2025-1097

GHSA-823X-FV5P-H7HW

GO-2025-3565

OPENSUSE-SU-2025:14937-1

Affected Products

Red Os

Ingress-Nginx

CVE-2025-1097

Weakness Enumeration

Related Identifiers

Affected Products

References · 133