Lucene search
K

4 matches found

NVD
NVD
added 2025/01/10 4:15 p.m.23 views

CVE-2024-56511

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

9.8CVSS0.20883EPSS
Exploits1References1
CVE
CVE
added 2025/01/10 3:19 p.m.76 views

CVE-2024-56511

DataEase CVE-2024-56511 affects DataEase prior to version 2.10.4. The root cause is a weakness in authentication in io.dataease.auth.filter.TokenFilter where request.getRequestURI is passed to WhitelistUtils.match to decide non-authenticated interfaces; the current whitelist filtering of semicolo...

9.8CVSS6.5AI score0.20883EPSS
Exploits1References1Affected Software1
Cvelist
Cvelist
added 2025/01/10 3:19 p.m.21 views

CVE-2024-56511 DataEase has an unauthorized vulnerability

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

9.3CVSS0.20883EPSS
Exploits1References1
Vulnrichment
Vulnrichment
added 2025/01/10 3:19 p.m.11 views

CVE-2024-56511 DataEase has an unauthorized vulnerability

DataEase is an open source data visualization analysis tool. Prior to 2.10.4, there is a flaw in the authentication in the io.dataease.auth.filter.TokenFilter class, which can be bypassed and cause the risk of unauthorized access. In the io.dataease.auth.filter.TokenFilter class,...

9.3CVSS6.8AI score0.20883EPSS
Exploits1References1
Rows per page
Query Builder