CData Sync < 23.4.8843 - Path Traversal

A path traversal vulnerability exists in the Java version of CData Sync CData - Sync' - r...

CData API Server < 23.4.8844 - Path Traversal

A path traversal vulnerability exists in the Java version of CData API Server 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application. id: CVE-2024-31848 info: name: CData API Server...

CVE-2024-31850

A path traversal vulnerability exists in the Java version of CData Arc 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

CVE-2024-31851

A path traversal vulnerability exists in the Java version of CData Sync 23.4.8843 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions...

The vulnerability in the embedded Jetty server of the CData Arc (ArcESB) business process automation platform allows a perpetrator to gain unauthorized access to protected information and perform arbitrary actions within the system.

The vulnerability of the embedded Jetty server in the CData Arc ArcESB business process automation platform is related to errors in processing the relative path to the catalog. Exploiting this vulnerability can allow an attacker, operating remotely, to gain unauthorized access to protected...

CVE-2024-31850

CVE-2024-31850 affects CData Arc prior to 23.4.8839 (Java version) running with embedded Jetty. A path traversal flaw can let an unauthenticated remote attacker access sensitive information and perform limited actions via crafted HTTP requests. Root cause described as errors in handling relative ...

CVE-2024-31848

A path traversal vulnerability exists in the Java version of CData API Server 23.4.8844 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain complete administrative access to the application...

PT-2024-2856 · Cdata +1 · Cdata Api Server +1

Name of the Vulnerable Software and Affected Versions: CData API Server versions prior to 23.4.8844 Description: A path traversal vulnerability exists in the Java version of CData API Server when running using the embedded Jetty server. This could allow an unauthenticated remote attacker to gain...

PT-2024-2868 · Cdata +1 · Cdata Connect +1

Name of the Vulnerable Software and Affected Versions: CData Connect versions prior to 23.4.8846 Description: A path traversal vulnerability exists in the Java version of CData Connect when running using the embedded Jetty server. This could allow an unauthenticated remote attacker to gain comple...