Lucene search
K

4 matches found

RedhatCVE
RedhatCVE
added 2025/05/23 7:41 a.m.8 views

CVE-2024-55952

DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as...

8.8CVSS8.8AI score0.00868EPSS
Exploits1References1
Circl
Circl
added 2024/12/18 6:52 p.m.18 views

CVE-2024-55952

creationtimestamp| type| source ---|---|--- 2024-12-18 18:52:16+00:00| seen| https://infosec.exchange/users/cve/statuses/113675333546421490 2024-12-18 21:13:33+00:00| seen| https://t.me/cvedetector/13233 2025-02-20 23:26:55+00:00| seen| Telegram/dRP6a6Ya1aIndRCDkvnfQabYrA4rAxqYlALU4rFX9zu7zMmb...

8.8CVSS4.8AI score0.00868EPSS
Exploits1References2
CVE
CVE
added 2024/12/18 6:49 p.m.59 views

CVE-2024-55952

DataEase DataEase vulnerability CVE-2024-55952 allows authenticated users to execute code remotely via the backend JDBC connection by constructing an unsanitized JDBC URL. The host string example ip:5432/test/?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext&socket...

8.8CVSS6.8AI score0.00868EPSS
Exploits1References2Affected Software1
Vulnrichment
Vulnrichment
added 2024/12/18 6:49 p.m.18 views

CVE-2024-55952 Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability

DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as...

8.6CVSS7.2AI score0.00868EPSS
Exploits1References2
Rows per page
Query Builder