Description
DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8.
Published: 2026-02-06
Score: 7.5 High
EPSS: < 1% Very Low
KEV: No
Impact: Man‑in‑the‑middle compromise of LDAP traffic
Action: Apply Patch
AI Analysis

Impact

DataHub versions before 1.3.1.8 contained an LDAP ingestion source that accepts downgraded TLS connections, allowing a man‑in‑the‑middle attacker to intercept or tamper with LDAP traffic. This flaw, classified as CWE‑295, permits unauthorized modification or theft of credentials and other metadata exchanged during LDAP queries, thereby undermining both confidentiality and integrity of the data collected by DataHub.

Affected Systems

The vulnerability impacts the open‑source DataHub platform by datahub-project. All installations running any version older than 1.3.1.8 are susceptible; the fix is delivered in version 1.3.1.8 and later.

Risk and Exploitability

The CVSS score of 7.5 places the weakness in the high‑risk category, while the EPSS score of less than 1% indicates a very low likelihood of exploitation in the wild. The vulnerability is not listed in the CISA KEV catalog, suggesting it has not yet been widely exploited. Based on the description, it is inferred that an attacker would need the ability to influence the TLS handshake of the LDAP ingestion connector, which typically requires network access to the DataHub service or a compromised LDAP server.

Generated by OpenCVE AI on April 18, 2026 at 13:26 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade DataHub to version 1.3.1.8 or newer to apply the TLS downgrade protection.
  • Confirm that the LDAP ingestion connector is configured to enforce strict certificate validation and to use only TLS 1.2 or higher with secure cipher suites.
  • Deploy network monitoring to detect abnormal TLS downgrade attempts or unexpected LDAP traffic patterns, and block or alert on such events.

Generated by OpenCVE AI on April 18, 2026 at 13:26 UTC.

Tracking

Sign in to view the affected projects.

Advisories

No advisories yet.

History

Fri, 20 Feb 2026 21:15:00 +0000

Type Values Removed Values Added
First Time appeared Datahub
Datahub datahub
CPEs cpe:2.3:a:datahub:datahub:*:*:*:*:*:*:*:*
Vendors & Products Datahub
Datahub datahub

Mon, 09 Feb 2026 16:15:00 +0000

Type Values Removed Values Added
Metrics ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'}

Mon, 09 Feb 2026 11:00:00 +0000

Type Values Removed Values Added
First Time appeared Datahub Project
Datahub Project datahub
Vendors & Products Datahub Project
Datahub Project datahub

Fri, 06 Feb 2026 23:00:00 +0000

Type Values Removed Values Added
Description DataHub is an open-source metadata platform. Prior to version 1.3.1.8, the LDAP ingestion source is vulnerable to MITM attack through TLS downgrade. This issue has been patched in version 1.3.1.8.
Title DataHub's LDAP Ingestion Source vulnerable to MITM attack through TLS downgrade
Weaknesses CWE-295
References
Metrics cvssV3_1

{'score': 7.5, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N'}

Subscriptions

Datahub Datahub
Datahub Project Datahub
cve-icon MITRE

Status: PUBLISHED

Assigner: GitHub_M

Published:

Updated: 2026-02-09T15:26:23.022Z

Reserved: 2026-02-04T05:15:41.791Z

Link: CVE-2026-25644

cve-icon Vulnrichment

Updated: 2026-02-09T15:21:51.835Z

cve-icon NVD

Status : Analyzed

Published: 2026-02-06T23:15:54.077

Modified: 2026-02-20T21:03:18.023

Link: CVE-2026-25644

cve-icon Redhat

No data.

cve-icon OpenCVE Enrichment

Updated: 2026-04-18T13:30:45Z

Weaknesses