PT-2026-1820 · Knowage · Knowage
Published: 2026-01-07 · Updated: 2026-02-03
CVE-2025-58441
CVSS v4.0: 6.3 (Medium)
| Vector | AV:N/AC:L/AT:P/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N |
Name of the Vulnerable Software and Affected Versions
Knowage versions prior to 8.1.37
Description
Knowage is an analytics and business intelligence suite. Versions prior to 8.1.37 contain a blind server-side request forgery (SSRF) issue that lets attackers make the server send requests to arbitrary hosts and paths. Because the attacker cannot read the responses, the impact is limited, but internal network scanning is still possible.
Recommendations
Update to version 8.1.37 or later.
Exploit
Fix
SSRF
Weakness Enumeration
Related Identifiers
Affected Products
Knowage