GitHub_MVULNRICHMENT:CVE-2024-23328CVE-2024-23328 The Dataease datasource exists deserialization and arbitrary file read vulnerability
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total
Dataease is an open source data visualization analysis tool. A deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The location of the vulnerability code is core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java. The blacklist of mysql jdbc attacks can be bypassed and attackers can further exploit it for deserialized execution or reading arbitrary files. This vulnerability is patched in 1.18.15 and 2.3.0.
ADP Affected
[
{
"cpes": [
"cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*"
],
"vendor": "dataease",
"product": "dataease",
"versions": [
{
"status": "affected",
"version": "0",
"lessThan": "1.18.15",
"versionType": "custom"
},
{
"status": "affected",
"version": "2.0.0",
"lessThan": "2.3.0",
"versionType": "custom"
}
],
"defaultStatus": "unknown"
}
]Related
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N
AI Score
Confidence
High
SSVC
Exploitation
poc
Automatable
yes
Technical Impact
total