Dynatrace Blog NGINX vulnerability: Quickly detect and mitigate IngressNightmare vulnerabilities with Dynatrace

On March 24, 2025, researchers disclosed multiple vulnerabilities affecting Ingress NGINX Controller for Kubernetes. The highest scored vulnerability, CVE-2025-1974, has a CVSS v3.1 base score of 9.8. Successful exploitation requires attackers reaching the admission webhook over the network which is only possible if the webhook has been exposed externally or an attacker is already able to reach the webhook from within the cluster (for example, by having control over a pod). Any publicly exposed deployment of the ingress-nginx controller in version v1.12.0 or less than 1.11.5 could potentially be affected by these vulnerabilities. You can use Dynatrace to find these vulnerable components and search for indicators of compromise.The post NGINX vulnerability: Quickly detect and mitigate IngressNightmare vulnerabilities with Dynatrace appeared first on Dynatrace news.