Security Vulnerability in Apache NiFi Exposes MongoDB Credentials

A significant security vulnerability has been discovered in Apache NiFi, a popular low-code data flow management platform. The vulnerability, identified as CVE-2025-27017, could potentially expose MongoDB authentication credentials. Apache has released an update to address this security issue.

The vulnerability affects Apache NiFi versions 1.13.0 through 2.2.0. According to security researchers, the issue stems from the platform’s logging functionality. When users access MongoDB through NiFi, the MongoDB component logs usernames and passwords as provenance events, which record how data is processed and transferred within the system.

This logging behavior creates a security risk as any user with permissions to view these logs could potentially access these exposed MongoDB credentials, potentially compromising connected database systems.

Severity and Mitigation

The Common Vulnerability Scoring System (CVSS v4.0) has assigned this vulnerability a base score of 6.9, classifying it as “Medium” severity. While not as critical as some vulnerabilities, the potential exposure of database credentials still represents a significant security concern for organizations using the affected software.

The Apache NiFi development team addressed this vulnerability in version 2.3.0, released on March 11, 2025. Users are strongly encouraged to update their installations to this latest version to protect their MongoDB credentials from potential exposure.

About Apache NiFi

Apache NiFi is an open-source data flow management platform designed to automate the movement of data between disparate systems. It provides a web-based user interface for designing, controlling, and monitoring a dataflow. The platform is particularly popular for its low-code approach, allowing users to create complex data flows with minimal programming.

Originally developed by the National Security Agency (NSA) and later contributed to the Apache Software Foundation, NiFi has become a crucial component in many organizations’ data integration strategies. It excels at handling real-time data processing, transformation, and routing across various systems and protocols.

The platform’s visual interface enables users to build data flows by connecting various processors, which can extract, transform, load, and analyze data from different sources. This capability makes it particularly valuable for organizations dealing with complex data ecosystems and integration challenges.

Given its role in connecting various data systems, including databases like MongoDB, security vulnerabilities in NiFi can have significant implications for an organization’s overall data security posture, highlighting the importance of applying security updates promptly.