(0Day) CData API Server MySQL Misconfiguration Information Disclosure Vulnerability

This vulnerability allows remote attackers to disclose sensitive information on affected installations of CData API Server. Authentication is required to exploit this vulnerability. The specific flaw exists within the usage of MySQL connections. When connecting to a MySQL server, the product...

PT-2024-2856 · Cdata +1 · Cdata Api Server +1

Name of the Vulnerable Software and Affected Versions: CData API Server versions prior to 23.4.8844 Description: A path traversal vulnerability exists in the Java version of CData API Server when running using the embedded Jetty server. This could allow an unauthenticated remote attacker to gain...