Kubernetes ingress-nginx vulnerabilities CVE-2025-1097, CVE-2025-1098, CVE-2025-1974, and CVE-2025-24514

Solution Verified - Updated -

Environment

  • NGINX Controller used in OpenShift

Issue

Wiz Research discovered CVE-2025-1097, CVE-2025-1098, CVE-2025-24514 and CVE-2025-1974, a series of unauthenticated Remote Code Execution vulnerabilities in Ingress NGINX Controller for Kubernetes, dubbed #IngressNightmare. Exploiting these vulnerabilities gives attackers unauthorized access to all secrets stored across all namespaces in the Kubernetes cluster, which can result in cluster takeover.

These vulnerabilities are all related to NGINX. There is no impact on OpenShift unless NGINX is installed in the OpenShift cluster.

Resolution

If the NGINX Controller is in use, update to the latest version of Ingress NGINX Controller.

Diagnostic Steps

Determine if the cluster is using ingress-nginx.

oc get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx

If in use, update to the latest version.
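
To go one step beyond the pod listing above, this added example (not part of the original Red Hat solution) prints the image of every container in the matched pods and compares each tag with a release you supply. `FIXED_VERSION` and the function names are assumptions of this example, the sample pod lines are constructed, and the page does not state the fixed release, so take that value from the ingress-nginx release notes.

```shell
#!/bin/sh
# Added example, not from the Red Hat solution. Function names and FIXED_VERSION are assumptions.

# Print "namespace pod image..." for each pod matched by the article's label selector.
# Every container in the pod is listed, so sidecar images appear as well.
list_ingress_nginx_images() {
  oc get pods --all-namespaces --selector app.kubernetes.io/name=ingress-nginx \
    -o jsonpath='{range .items[*]}{.metadata.namespace}{" "}{.metadata.name}{range .spec.containers[*]}{" "}{.image}{end}{"\n"}{end}'
}

# Constructed sample in the same format, so the script also runs offline.
sample_pods() {
  cat <<'EOF'
ingress-nginx ctrl-a registry.example/ingress-nginx/controller:v1.2.2
ingress-nginx ctrl-b registry.example:5000/ingress-nginx/controller:v1.2.3@sha256:0000
edge ctrl-c registry.example/ingress-nginx/controller@sha256:0000
edge ctrl-d registry.example/ingress-nginx/controller:v1.10.0
EOF
}

# Read "namespace pod image..." lines on stdin; $1 is the first fixed release, e.g. v1.2.3.
classify_images() {
  min="${1#v}"
  while read -r ns pod images; do
    for image in $images; do
      ref="${image%%@*}"     # drop a trailing @sha256:... digest
      last="${ref##*/}"      # last path component, so a registry port is not read as a tag
      case "$last" in
        *:*) ver="${last##*:}"; ver="${ver#v}" ;;
        *)   ver="" ;;       # pinned by digest only, or untagged
      esac
      case "$ver" in         # anything that is not a plain dotted number needs manual review
        ''|*[!0-9.]*) echo "UNKNOWN $ns/$pod $image"; continue ;;
      esac
      lowest=$(printf '%s\n%s\n' "$ver" "$min" | sort -V | head -n 1)
      if [ "$lowest" = "$ver" ] && [ "$ver" != "$min" ]; then
        echo "OUTDATED $ns/$pod $image"
      else
        echo "OK $ns/$pod $image"
      fi
    done
  done
}

if [ -n "${FIXED_VERSION:-}" ]; then
  list_ingress_nginx_images | classify_images "$FIXED_VERSION"
else
  sample_pods | classify_images v1.2.3   # constructed versions, not real release numbers
fi
```

Lines marked `UNKNOWN` are images pinned only by digest or carrying a non-numeric tag; resolve those by hand before treating the cluster as updated.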

This solution is part of Red Hat’s fast-track publication program, providing a huge library of solutions that Red Hat engineers have created while supporting our customers. To give you the knowledge you need the instant it becomes available, these articles may be presented in a raw and unedited form.
