CData API Server < 23.4.8844, CData Connect < 23.4.8846, CData Arc < 23.4.8839, CData Sync < 23.4.8843 when running using the embedded Jetty server is affected by a vulnerability allowing an unauthenticated attacker to access unauthorized resources via a specially crafted request.
No source data
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31848
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31849
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31850
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-31851
www.cdata.com/kb/entries/jetty-cve-0324.rst
www.tenable.com/security/research/tra-2024-09