Platform
java
Component
org.apache.streampipes:streampipes-parent
Fixed in
0.97.1
0.98.0
CVE-2025-47411 is a security vulnerability affecting Apache StreamPipes versions up to 0.97.0. This flaw allows a legitimate, non-administrator user to manipulate the user ID creation mechanism, effectively swapping their username with that of an administrator. Successful exploitation can lead to administrative control, enabling data tampering and unauthorized access, and highlighting the need for immediate action.
The core impact of CVE-2025-47411 lies in the potential for unauthorized privilege escalation. An attacker, posing as a regular user, can exploit this vulnerability to assume the identity and permissions of an administrator within the Apache StreamPipes system. This grants them the ability to modify configurations, access sensitive data, and potentially compromise the entire platform. The manipulation of JWT tokens is a key component of this attack, enabling the attacker to impersonate an administrator without proper authentication. The blast radius extends to any data processed or managed by StreamPipes, as an administrator can access and alter it.
CVE-2025-47411 was published on 2026-01-01. Public proof-of-concept (POC) code is currently unavailable, but the vulnerability's nature suggests a relatively low barrier to exploitation once a suitable exploit is developed. The vulnerability is not currently listed on CISA KEV, and there are no confirmed reports of active exploitation at this time. The potential for JWT token manipulation shares similarities with other authentication bypass vulnerabilities, highlighting the importance of robust token security practices.
Exploit Status
EPSS
0.02% (6% percentile)
The primary mitigation for CVE-2025-47411 is to upgrade Apache StreamPipes to version 0.98.0, which includes the necessary fix. If an immediate upgrade is not feasible, consider implementing temporary workarounds. Review user account permissions and restrict access to sensitive functionalities. Implement stricter JWT token validation and rotation policies to minimize the impact of token manipulation. Monitor user activity logs for suspicious behavior, particularly any attempts to modify user profiles or access administrative functions. After upgrading to 0.98.0, confirm the fix by attempting a username swap with a non-administrator account; the operation should fail.
Actualice Apache StreamPipes a la versión 0.98.0 o superior. Esta versión corrige la vulnerabilidad de escalada de privilegios. La actualización evitará que usuarios no autorizados obtengan control administrativo sobre la aplicación.
Vulnerability analysis and critical alerts directly to your inbox.
CVE-2025-47411 is a vulnerability in Apache StreamPipes versions up to 0.97.0 that allows a non-administrator user to swap usernames with an administrator, potentially gaining administrative control.
If you are running Apache StreamPipes version 0.97.0 or earlier, you are potentially affected by this vulnerability. Upgrade to 0.98.0 to mitigate the risk.
The recommended fix is to upgrade Apache StreamPipes to version 0.98.0. If immediate upgrade is not possible, implement temporary workarounds like stricter JWT token validation.
There are currently no confirmed reports of active exploitation of CVE-2025-47411, but the vulnerability's nature suggests a potential for exploitation.
Refer to the official Apache StreamPipes security advisories on their website for the latest information and updates regarding CVE-2025-47411.
Upload your dependency file and we'll tell you instantly if this and other CVEs hit you.
Upload your pom.xml file and we'll tell you instantly if you're affected.