Description
Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new messages (CVE-2026-27446 https://www.cve.org/CVERecord). Since KNIME Business Hub uses Apache Artemis, it is also affected by the issue. However, since Apache Artemis is not exposed to the outside, exploitation requires at least normal user privileges and the ability to execute workflows in an executor. Such a user can install and register a federated mirror without authentication to the original Apache Artemis instance and thereby read all internal messages and inject new messages.

The issue affects all versions of KNIME Business Hub. A fixed version of Apache Artemis is shipped with versions 1.18.0, 1.17.4, and 1.16.3.

We recommend updating to a fixed version as soon as possible since no workaround is known.
Published: 2026-03-24
Score: 5.3 Medium
EPSS: < 1% Very Low
KEV: No
Impact: Unauthorized Message Access
Action: Apply Patch
AI Analysis

Impact

The flaw is an authentication bypass in Apache Artemis that permits unauthorized users within KNIME Business Hub to read all broker messages and inject new messages. This exposes the confidentiality of internal communications and lets an attacker alter or skew system behavior by sending crafted messages. The vulnerability stems from a missing authentication check during federation registration, classified as missing authentication for a critical function (CWE-306).

Affected Systems

All current releases of KNIME Business Hub rely on Apache Artemis versions prior to 2.52.0, making them vulnerable. A patched Artemis is bundled with KNIME Business Hub 1.18.0, 1.17.4, and 1.16.3, which resolve the authentication bypass.

Risk and Exploitability

The CVSS score of 5.3 indicates moderate severity. While no EPSS score is provided and the vulnerability is not listed in the KEV catalog, the issue can be exploited by any user who has normal access to execute workflows in KNIME. The attack requires no external network access because Artemis is not exposed externally; therefore, exploitation is confined to the local system or the KNIME environment.

Generated by OpenCVE AI on March 24, 2026 at 09:20 UTC.

Remediation

No vendor fix or workaround currently provided.

OpenCVE Recommended Actions

  • Upgrade KNIME Business Hub to version 1.18.0, 1.17.4, or 1.16.3 to obtain the patched Apache Artemis.
  • Until the update is applied, restrict workflow execution permissions and ensure that no user can register a federated mirror without proper authentication.


Advisories

No advisories yet.

History

Wed, 25 Mar 2026 12:00:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| First Time appeared | | Knime; Knime business Hub |
| Vendors & Products | | Knime; Knime business Hub |

Wed, 25 Mar 2026 00:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| References | | |
| Metrics | threat_severity: None | cvssV3_1: {'score': 6.1, 'vector': 'CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:L/A:N'}; threat_severity: Moderate |


Tue, 24 Mar 2026 15:15:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Metrics | | ssvc: {'options': {'Automatable': 'no', 'Exploitation': 'none', 'Technical Impact': 'partial'}, 'version': '2.0.3'} |


Tue, 24 Mar 2026 08:30:00 +0000

| Type | Values Removed | Values Added |
|---|---|---|
| Description | | Apache Artemis before version 2.52.0 is affected by an authentication bypass flaw which allows reading all messages exchanged via the broker and injection of new messages (CVE-2026-27446 https://www.cve.org/CVERecord). Since KNIME Business Hub uses Apache Artemis, it is also affected by the issue. However, since Apache Artemis is not exposed to the outside, exploitation requires at least normal user privileges and the ability to execute workflows in an executor. Such a user can install and register a federated mirror without authentication to the original Apache Artemis instance and thereby read all internal messages and inject new messages. The issue affects all versions of KNIME Business Hub. A fixed version of Apache Artemis is shipped with versions 1.18.0, 1.17.4, and 1.16.3. We recommend updating to a fixed version as soon as possible since no workaround is known. |
| Title | | Auth bypass in Apache Artemis allows reading all internal messages |
| Weaknesses | | CWE-306 |
| References | | |
| Metrics | | cvssV4_0: {'score': 5.3, 'vector': 'CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/AU:Y/R:U/V:C/RE:M/U:Amber'} |


Subscriptions

Knime Business Hub
MITRE

Status: PUBLISHED

Assigner: KNIME

Published:

Updated: 2026-03-24T14:09:36.077Z

Reserved: 2026-03-23T12:54:10.876Z

Link: CVE-2026-4649

Vulnrichment

Updated: 2026-03-24T14:09:24.132Z

NVD

Status: Awaiting Analysis

Published: 2026-03-24T09:16:39.763

Modified: 2026-03-24T15:53:48.067

Link: CVE-2026-4649

Redhat

Severity: Moderate

Public Date: 2026-03-24T08:15:16Z

Links: CVE-2026-4649 - Bugzilla

OpenCVE Enrichment

Updated: 2026-03-25T20:39:46Z

Weaknesses