Impact
The flaw originates in the Iggy consumer of Apache Camel, which copies user‑supplied message headers directly into the Camel Exchange without filtering. An attacker who is able to publish to the consumed Iggy stream can therefore inject Camel‑internally scoped control headers such as “CamelHttpUri”. When the downstream route contains an HTTP producer, the attacker‑controlled URI is used in a server‑side request, enabling a classic Server‑Side Request Forgery attack. The HTTP producer additionally interpolates property placeholders in that URI, causing environment‑variable references, application properties, and vault secrets to be resolved and sent to the attacker, thus disclosing sensitive data. The weakness maps to input validation (CWE‑20), information disclosure (CWE‑200), and SSRF (CWE‑918).
Affected Systems
The vulnerability affects all deployments of the Apache Camel Iggy component from version 4.17.0 up to (but not including) 4.18.3, and from 4.19.0 up to (but not including) 4.21.0. These are encompassing all builds of the Apache Software Foundation’s Apache Camel distribution that include the Iggy consumer.
Risk and Exploitability
The CVSS score of 7.5 indicates high severity, while the EPSS score of less than 1 % suggests the exploitation activity has been minimal to date. The vulnerability is not listed in the CISA KEV catalog. Exploitation requires only the ability to publish to the Iggy stream or topic, and the attack path is simple header manipulation. In environments that expose the stream to untrusted actors, the risk is substantially elevated, especially when the Iggy consumer feeds directly into an HTTP producer that can be driven by message headers.
OpenCVE Enrichment