Описание
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
Ссылки
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
- ExploitThird Party AdvisoryVDB Entry
- ExploitThird Party Advisory
Уязвимые конфигурации
Конфигурация 1
Одно из
cpe:2.3:a:jedox:cloud:-:*:*:*:*:*:*:*
cpe:2.3:a:jedox:jedox:2020.2.5:*:*:*:*:*:*:*
EPSS
Процентиль: 96%
0.28468
Средний
6.5 Medium
CVSS3
Дефекты
NVD-CWE-Other
CWE-863
Связанные уязвимости
CVSS3: 6.5
github
почти 3 года назад
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
EPSS
Процентиль: 96%
0.28468
Средний
6.5 Medium
CVSS3
Дефекты
NVD-CWE-Other
CWE-863