CVE-2021-44725: 
KNIME server vulnerability analysis and mitigation

KNIME Server before version 4.13.4 contains a directory traversal vulnerability in the profiles section that allows unauthenticated attackers to access arbitrary files and directories on the server's file system (Zigrin Advisory). The vulnerability was discovered by Dawid Czarnecki and was assigned CVE-2021-44725 with a CVSS v3.1 base score of 7.5 (High) (NVD).

The vulnerability exists in the Profiles section of the KNIME server web application. An attacker can manipulate variables that reference files by prepending '../' sequences or using absolute file paths to traverse directories. Due to KNIME server's file-based architecture, this allows unauthorized access to sensitive files including application source code, configuration files, and databases (Zigrin Advisory).

The vulnerability allows attackers to access and steal sensitive data including user password hashes, workflows, licenses, jobs and other confidential information stored on the file system. No authentication is required to exploit this vulnerability, making it particularly severe (Zigrin Advisory).

Users should update to KNIME Server version 4.13.4, 4.12.5, or 4.12.6 which contain fixes for this vulnerability. The issue was addressed in the 4.13.4 release by patching the directory path traversal vulnerability in the client profiles section (KNIME Release Notes).