All the vulnerabilites related to dataease - dataease
cve-2023-25807
Vulnerability from cvelistv5
Published
2023-02-28 15:05
Modified
2024-08-02 11:32
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization and analysis tool. When saving a dashboard on the DataEase platform saved data can be modified and store malicious code. This vulnerability can lead to the execution of malicious code stored by the attacker on the server side when the user accesses the dashboard. The vulnerability has been fixed in version 1.18.3.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-xj3h-3wmw-j5vf | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/cc94fb8e69ddbb37c96d02ec0f0ddcd74273ef49 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T11:32:12.744Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-xj3h-3wmw-j5vf", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-xj3h-3wmw-j5vf" }, { "name": "https://github.com/dataease/dataease/commit/cc94fb8e69ddbb37c96d02ec0f0ddcd74273ef49", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/cc94fb8e69ddbb37c96d02ec0f0ddcd74273ef49" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.3" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization and analysis tool. When saving a dashboard on the DataEase platform saved data can be modified and store malicious code. This vulnerability can lead to the execution of malicious code stored by the attacker on the server side when the user accesses the dashboard. The vulnerability has been fixed in version 1.18.3.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.2, "baseSeverity": "HIGH", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "NONE", "scope": "CHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-28T15:05:33.087Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-xj3h-3wmw-j5vf", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-xj3h-3wmw-j5vf" }, { "name": "https://github.com/dataease/dataease/commit/cc94fb8e69ddbb37c96d02ec0f0ddcd74273ef49", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/cc94fb8e69ddbb37c96d02ec0f0ddcd74273ef49" } ], "source": { "advisory": "GHSA-xj3h-3wmw-j5vf", "discovery": "UNKNOWN" }, "title": "DataEase dashboard has a stored XSS vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-25807", "datePublished": "2023-02-28T15:05:33.087Z", "dateReserved": "2023-02-15T16:34:48.772Z", "dateUpdated": "2024-08-02T11:32:12.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37258
Vulnerability from cvelistv5
Published
2023-07-25 19:36
Modified
2024-10-03 19:11
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:33.656Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-r39x-fcc6-47g4", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-r39x-fcc6-47g4" }, { "name": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/controller/panel/AppLogController.java#L41", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/controller/panel/AppLogController.java#L41" }, { "name": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/ext/ExtDataSourceMapper.java", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/ext/ExtDataSourceMapper.java" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.9", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-37258", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T19:10:40.945640Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T19:11:49.013Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.9" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, DataEase has a SQL injection vulnerability that can bypass blacklists. The vulnerability has been fixed in v1.18.9. There are no known workarounds." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T19:36:14.962Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-r39x-fcc6-47g4", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-r39x-fcc6-47g4" }, { "name": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/controller/panel/AppLogController.java#L41", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/controller/panel/AppLogController.java#L41" }, { "name": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/ext/ExtDataSourceMapper.java", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/blob/dev/backend/src/main/java/io/dataease/ext/ExtDataSourceMapper.java" } ], "source": { "advisory": "GHSA-r39x-fcc6-47g4", "discovery": "UNKNOWN" }, "title": "DataEase has a SQL injection vulnerability that can bypass blacklists" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-37258", "datePublished": "2023-07-25T19:36:14.962Z", "dateReserved": "2023-06-29T19:35:26.436Z", "dateUpdated": "2024-10-03T19:11:49.013Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-34113
Vulnerability from cvelistv5
Published
2022-07-22 22:17
Modified
2024-08-03 08:16
Severity ?
EPSS score ?
Summary
An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/issues/2431 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T08:16:16.620Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/2431" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-07-22T22:17:02", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/issues/2431" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-34113", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An issue in the component /api/plugin/upload of Dataease v1.11.1 allows attackers to execute arbitrary code via a crafted plugin." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dataease/dataease/issues/2431", "refsource": "MISC", "url": "https://github.com/dataease/dataease/issues/2431" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-34113", "datePublished": "2022-07-22T22:17:07", "dateReserved": "2022-06-20T00:00:00", "dateUpdated": "2024-08-03T08:16:16.620Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-30269
Vulnerability from cvelistv5
Published
2024-04-08 14:19
Modified
2024-08-02 01:32
Severity ?
EPSS score ?
Summary
DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform's database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-8gvx-4qvj-6vv5 | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/releases/tag/v2.5.0 | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "2.5.0", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-30269", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-04-09T14:45:53.286254Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-07-31T19:26:07.521Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:32:07.018Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8gvx-4qvj-6vv5", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8gvx-4qvj-6vv5" }, { "name": "https://github.com/dataease/dataease/releases/tag/v2.5.0", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v2.5.0" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 2.5.0" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase, an open source data visualization and analysis tool, has a database configuration information exposure vulnerability prior to version 2.5.0. Visiting the `/de2api/engine/getEngine;.js` path via a browser reveals that the platform\u0027s database configuration is returned. The vulnerability has been fixed in v2.5.0. No known workarounds are available aside from upgrading." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-200", "description": "CWE-200: Exposure of Sensitive Information to an Unauthorized Actor", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-04-08T14:19:56.293Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8gvx-4qvj-6vv5", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8gvx-4qvj-6vv5" }, { "name": "https://github.com/dataease/dataease/releases/tag/v2.5.0", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v2.5.0" } ], "source": { "advisory": "GHSA-8gvx-4qvj-6vv5", "discovery": "UNKNOWN" }, "title": "DataEase has database configuration information exposure vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-30269", "datePublished": "2024-04-08T14:19:56.293Z", "dateReserved": "2024-03-26T12:52:00.935Z", "dateUpdated": "2024-08-02T01:32:07.018Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-23328
Vulnerability from cvelistv5
Published
2024-02-01 15:40
Modified
2024-08-28 16:36
Severity ?
EPSS score ?
Summary
Dataease is an open source data visualization analysis tool. A deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The location of the vulnerability code is `core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java.` The blacklist of mysql jdbc attacks can be bypassed and attackers can further exploit it for deserialized execution or reading arbitrary files. This vulnerability is patched in 1.18.15 and 2.3.0.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25 | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a | x_refsource_MISC | |
https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a | x_refsource_MISC |
Impacted products
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-01T22:59:32.197Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25" }, { "name": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a" }, { "name": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.15", "status": "affected", "version": "0", "versionType": "custom" }, { "lessThan": "2.3.0", "status": "affected", "version": "2.0.0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-23328", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-08-28T16:34:24.598958Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-08-28T16:36:41.670Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.15" }, { "status": "affected", "version": "\u003e= 2.0.0, \u003c 2.3.0" } ] } ], "descriptions": [ { "lang": "en", "value": "Dataease is an open source data visualization analysis tool. A deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The location of the vulnerability code is `core/core-backend/src/main/java/io/dataease/datasource/type/Mysql.java.` The blacklist of mysql jdbc attacks can be bypassed and attackers can further exploit it for deserialized execution or reading arbitrary files. This vulnerability is patched in 1.18.15 and 2.3.0." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 9.1, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-02-01T15:40:24.236Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8x8q-p622-jf25" }, { "name": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/4128adf5fc4592b55fa1722a53b178967545d46a" }, { "name": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/bb540e6dc83df106ac3253f331066129a7487d1a" } ], "source": { "advisory": "GHSA-8x8q-p622-jf25", "discovery": "UNKNOWN" }, "title": "The Dataease datasource exists deserialization and arbitrary file read vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-23328", "datePublished": "2024-02-01T15:40:24.236Z", "dateReserved": "2024-01-15T15:19:19.441Z", "dateUpdated": "2024-08-28T16:36:41.670Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-31441
Vulnerability from cvelistv5
Published
2024-05-10 14:43
Modified
2024-08-02 01:52
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Due to the lack of restrictions on the connection parameters for the ClickHouse data source, it is possible to exploit certain malicious parameters to achieve arbitrary file reading. The vulnerability has been fixed in v1.18.19.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-h7hj-7wg6-p5wh | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dataease_project:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease_project", "versions": [ { "lessThan": "1.18.19", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-31441", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-05-13T12:42:05.759062Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-06-04T17:36:03.004Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" }, { "providerMetadata": { "dateUpdated": "2024-08-02T01:52:56.914Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-h7hj-7wg6-p5wh", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-h7hj-7wg6-p5wh" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.19" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Due to the lack of restrictions on the connection parameters for the ClickHouse data source, it is possible to exploit certain malicious parameters to achieve arbitrary file reading. The vulnerability has been fixed in v1.18.19." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-863", "description": "CWE-863: Incorrect Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-05-10T14:43:23.863Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-h7hj-7wg6-p5wh", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-h7hj-7wg6-p5wh" } ], "source": { "advisory": "GHSA-h7hj-7wg6-p5wh", "discovery": "UNKNOWN" }, "title": "Arbitrary File Reading in DataEase" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-31441", "datePublished": "2024-05-10T14:43:23.863Z", "dateReserved": "2024-04-03T17:55:32.644Z", "dateUpdated": "2024-08-02T01:52:56.914Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28637
Vulnerability from cvelistv5
Published
2023-03-28 20:02
Modified
2024-08-02 13:43
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerability has been fixed in v1.18.5. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-8wg2-9gwc-5fx2 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T13:43:23.546Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8wg2-9gwc-5fx2", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8wg2-9gwc-5fx2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.5" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. In Dataease users are normally allowed to modify data and the data sources are expected to properly sanitize data. The AWS redshift data source does not provide data sanitization which may lead to remote code execution. This vulnerability has been fixed in v1.18.5. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-28T20:02:54.017Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-8wg2-9gwc-5fx2", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-8wg2-9gwc-5fx2" } ], "source": { "advisory": "GHSA-8wg2-9gwc-5fx2", "discovery": "UNKNOWN" }, "title": "DataEase AWS redshift data source exists for remote code execution vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-28637", "datePublished": "2023-03-28T20:02:54.017Z", "dateReserved": "2023-03-20T12:19:47.208Z", "dateUpdated": "2024-08-02T13:43:23.546Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2021-38239
Vulnerability from cvelistv5
Published
2023-02-15 00:00
Modified
2024-08-04 01:37
Severity ?
EPSS score ?
Summary
SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-04T01:37:16.303Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/510" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQL Injection vulnerability in dataease before 1.2.0, allows attackers to gain sensitive information via the orders parameter to /api/sys_msg/list/1/10." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-02-15T00:00:00", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/dataease/dataease/issues/510" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2021-38239", "datePublished": "2023-02-15T00:00:00", "dateReserved": "2021-08-09T00:00:00", "dateUpdated": "2024-08-04T01:37:16.303Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-46997
Vulnerability from cvelistv5
Published
2024-09-23 15:14
Modified
2024-09-23 15:43
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-h7mj-m72h-qm8w | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "2.10.1", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-46997", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-09-23T15:42:28.717827Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-23T15:43:39.577Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 2.10.1" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-74", "description": "CWE-74: Improper Neutralization of Special Elements in Output Used by a Downstream Component (\u0027Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-23T15:14:26.550Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-h7mj-m72h-qm8w", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-h7mj-m72h-qm8w" } ], "source": { "advisory": "GHSA-h7mj-m72h-qm8w", "discovery": "UNKNOWN" }, "title": "DataEase\u0027s H2 datasource has a remote command execution risk" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-46997", "datePublished": "2024-09-23T15:14:26.550Z", "dateReserved": "2024-09-16T16:10:09.021Z", "dateUpdated": "2024-09-23T15:43:39.577Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-55953
Vulnerability from cvelistv5
Published
2024-12-18 18:49
Modified
2024-12-18 19:16
Severity ?
EPSS score ?
Summary
DataEase is an open source business analytics tool. Authenticated users can read and deserialize arbitrary files through the background JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. This vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-mrf3-9q84-rcmf | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-55953", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-18T19:06:38.097484Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-18T19:16:27.090Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.27" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source business analytics tool. Authenticated users can read and deserialize arbitrary files through the background JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. This vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.6, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-18T18:49:21.632Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-mrf3-9q84-rcmf", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-mrf3-9q84-rcmf" }, { "name": "https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1" } ], "source": { "advisory": "GHSA-mrf3-9q84-rcmf", "discovery": "UNKNOWN" }, "title": "Dataease Mysql JDBC Connection Parameters Not Verified Leads to Deserialization and Arbitrary File Read Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-55953", "datePublished": "2024-12-18T18:49:21.632Z", "dateReserved": "2024-12-13T17:47:38.371Z", "dateUpdated": "2024-12-18T19:16:27.090Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-32310
Vulnerability from cvelistv5
Published
2023-06-01 15:05
Modified
2024-08-02 15:10
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user's dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-7hv6-gv38-78wj | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/pull/5342 | x_refsource_MISC | |
https://github.com/dataease/dataease/commit/72f428e87b5395c03d2f94ef6185fc247ddbc8dc | x_refsource_MISC | |
https://github.com/dataease/dataease/releases/tag/v1.18.7 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:10:24.609Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7hv6-gv38-78wj", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7hv6-gv38-78wj" }, { "name": "https://github.com/dataease/dataease/pull/5342", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/pull/5342" }, { "name": "https://github.com/dataease/dataease/commit/72f428e87b5395c03d2f94ef6185fc247ddbc8dc", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/72f428e87b5395c03d2f94ef6185fc247ddbc8dc" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.7", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.7" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization and analysis tool. The API interface for DataEase delete dashboard and delete system messages is vulnerable to insecure direct object references (IDOR). This could result in a user deleting another user\u0027s dashboard or messages or interfering with the interface for marking messages read. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-639", "description": "CWE-639: Authorization Bypass Through User-Controlled Key", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-01T15:05:00.439Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7hv6-gv38-78wj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7hv6-gv38-78wj" }, { "name": "https://github.com/dataease/dataease/pull/5342", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/pull/5342" }, { "name": "https://github.com/dataease/dataease/commit/72f428e87b5395c03d2f94ef6185fc247ddbc8dc", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/72f428e87b5395c03d2f94ef6185fc247ddbc8dc" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.7", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.7" } ], "source": { "advisory": "GHSA-7hv6-gv38-78wj", "discovery": "UNKNOWN" }, "title": "DataEase API interface has IDOR vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-32310", "datePublished": "2023-06-01T15:05:00.439Z", "dateReserved": "2023-05-08T13:26:03.878Z", "dateUpdated": "2024-08-02T15:10:24.609Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-37257
Vulnerability from cvelistv5
Published
2023-07-25 19:04
Modified
2024-10-03 19:21
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, the DataEase panel and dataset have a stored cross-site scripting vulnerability. The vulnerability has been fixed in v1.18.9. There are no known workarounds.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/releases/tag/v1.18.9 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T17:09:32.946Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.9", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.9" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.9", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-37257", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-03T19:12:48.577715Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-03T19:21:03.990Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.9" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Prior to version 1.18.9, the DataEase panel and dataset have a stored cross-site scripting vulnerability. The vulnerability has been fixed in v1.18.9. There are no known workarounds." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 5.4, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "CHANGED", "userInteraction": "REQUIRED", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:C/C:L/I:L/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-07-25T19:04:07.605Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7cm3-9pp6-q2fq" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.9" } ], "source": { "advisory": "GHSA-7cm3-9pp6-q2fq", "discovery": "UNKNOWN" }, "title": "The DataEase panel and dataset have a stored XSS vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-37257", "datePublished": "2023-07-25T19:04:07.605Z", "dateReserved": "2023-06-29T19:35:26.436Z", "dateUpdated": "2024-10-03T19:21:03.990Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-52295
Vulnerability from cvelistv5
Published
2024-11-13 15:49
Modified
2024-11-21 15:03
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-45v9-gfcv-xcq6 | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/e755248d59543bcd668ace495f293ff735fa82e9 | x_refsource_MISC |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "2.10.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-52295", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-13T18:57:42.959404Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-21T15:03:25.532Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 2.10.2" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Prior to 2.10.2, DataEase allows attackers to forge jwt and take over services. The JWT secret is hardcoded in the code, and the UID and OID are hardcoded. The vulnerability has been fixed in v2.10.2." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-798", "description": "CWE-798: Use of Hard-coded Credentials", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-13T15:49:20.363Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-45v9-gfcv-xcq6", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-45v9-gfcv-xcq6" }, { "name": "https://github.com/dataease/dataease/commit/e755248d59543bcd668ace495f293ff735fa82e9", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/e755248d59543bcd668ace495f293ff735fa82e9" } ], "source": { "advisory": "GHSA-45v9-gfcv-xcq6", "discovery": "UNKNOWN" }, "title": "DataEase has a forged JWT token vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-52295", "datePublished": "2024-11-13T15:49:20.363Z", "dateReserved": "2024-11-06T19:00:26.394Z", "dateUpdated": "2024-11-21T15:03:25.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-40183
Vulnerability from cvelistv5
Published
2023-09-21 14:21
Modified
2024-09-24 18:17
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to to obtain user cookies. The program only uses the `ImageIO.read()` method to determine whether the file is an image file or not. There is no whitelisting restriction on file suffixes. This allows the attacker to synthesize the attack code into an image for uploading and change the file extension to html. The attacker may steal user cookies by accessing links. The vulnerability has been fixed in v1.18.11. There are no known workarounds.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569 | x_refsource_MISC | |
https://github.com/dataease/dataease/releases/tag/v1.18.11 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:24:55.642Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv" }, { "name": "https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.11", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.11" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-40183", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-24T18:17:04.701831Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-24T18:17:15.144Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.11" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization and analysis tool. Prior to version 1.18.11, DataEase has a vulnerability that allows an attacker to to obtain user cookies. The program only uses the `ImageIO.read()` method to determine whether the file is an image file or not. There is no whitelisting restriction on file suffixes. This allows the attacker to synthesize the attack code into an image for uploading and change the file extension to html. The attacker may steal user cookies by accessing links. The vulnerability has been fixed in v1.18.11. There are no known workarounds." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-434", "description": "CWE-434: Unrestricted Upload of File with Dangerous Type", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-21T14:21:49.833Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-w2r4-2r4w-fjxv" }, { "name": "https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/826513053146721a2b3e09a9c9d3ea41f8f10569" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.11", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.11" } ], "source": { "advisory": "GHSA-w2r4-2r4w-fjxv", "discovery": "UNKNOWN" }, "title": "DataEase has a vulnerability to obtain user cookies" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-40183", "datePublished": "2023-09-21T14:21:49.833Z", "dateReserved": "2023-08-09T15:26:41.053Z", "dateUpdated": "2024-09-24T18:17:15.144Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-34463
Vulnerability from cvelistv5
Published
2023-06-26 20:29
Modified
2024-11-06 17:25
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:10:07.016Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.8", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-34463", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T17:24:49.718401Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T17:25:21.137Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.8" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions Unauthorized users can delete an application erroneously. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.1, "baseSeverity": "HIGH", "confidentialityImpact": "NONE", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-26T20:29:38.074Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-4c4p-qfwq-85fj" } ], "source": { "advisory": "GHSA-4c4p-qfwq-85fj", "discovery": "UNKNOWN" }, "title": "Unauthorized users can delete applications in DataEase" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-34463", "datePublished": "2023-06-26T20:29:38.074Z", "dateReserved": "2023-06-06T16:16:53.560Z", "dateUpdated": "2024-11-06T17:25:21.137Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-46985
Vulnerability from cvelistv5
Published
2024-09-23 15:12
Modified
2024-09-23 15:44
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An attacker can construct a payload to implement intranet detection and file reading. The vulnerability has been fixed in v2.10.1.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-4m9p-7xg6-f4mm | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-46985", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-09-23T15:44:46.910301Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-09-23T15:44:55.968Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 2.10.1" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, there is an XML external entity injection vulnerability in the static resource upload interface of DataEase. An attacker can construct a payload to implement intranet detection and file reading. The vulnerability has been fixed in v2.10.1." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 7.5, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-611", "description": "CWE-611: Improper Restriction of XML External Entity Reference", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-09-23T15:12:21.539Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-4m9p-7xg6-f4mm", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-4m9p-7xg6-f4mm" } ], "source": { "advisory": "GHSA-4m9p-7xg6-f4mm", "discovery": "UNKNOWN" }, "title": "DataEase has an XXE vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-46985", "datePublished": "2024-09-23T15:12:21.539Z", "dateReserved": "2024-09-16T16:10:09.018Z", "dateUpdated": "2024-09-23T15:44:55.968Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-40771
Vulnerability from cvelistv5
Published
2023-09-01 00:00
Modified
2024-10-01 14:24
Severity ?
EPSS score ?
Summary
SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T18:46:11.019Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/5861" } ], "title": "CVE Program Container" }, { "metrics": [ { "other": { "content": { "id": "CVE-2023-40771", "options": [ { "Exploitation": "poc" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-01T14:24:21.669179Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-01T14:24:28.217Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "SQL injection vulnerability in DataEase v.1.18.9 allows a remote attacker to obtain sensitive information via a crafted string outside of the blacklist function." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2023-09-01T15:04:09.948942", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "url": "https://github.com/dataease/dataease/issues/5861" } ] } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2023-40771", "datePublished": "2023-09-01T00:00:00", "dateReserved": "2023-08-22T00:00:00", "dateUpdated": "2024-10-01T14:24:28.217Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-33963
Vulnerability from cvelistv5
Published
2023-06-01 15:09
Modified
2024-08-02 15:54
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization and analysis tool. Prior to version 1.18.7, a deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-m26j-gh4m-xh9f | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/releases/tag/v1.18.7 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T15:54:14.155Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-m26j-gh4m-xh9f", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-m26j-gh4m-xh9f" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.7", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.7" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.7" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization and analysis tool. Prior to version 1.18.7, a deserialization vulnerability exists in the DataEase datasource, which can be exploited to execute arbitrary code. The vulnerability has been fixed in v1.18.7. There are no known workarounds aside from upgrading." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-01T15:09:14.264Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-m26j-gh4m-xh9f", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-m26j-gh4m-xh9f" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.7", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.7" } ], "source": { "advisory": "GHSA-m26j-gh4m-xh9f", "discovery": "UNKNOWN" }, "title": "DataEase data source has deserialization vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-33963", "datePublished": "2023-06-01T15:09:14.264Z", "dateReserved": "2023-05-24T13:46:35.953Z", "dateUpdated": "2024-08-02T15:54:14.155Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28435
Vulnerability from cvelistv5
Published
2023-03-24 20:39
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
Dataease is an open source data visualization and analysis tool. The permissions for the file upload interface is not checked so users who are not logged in can upload directly to the background. The file type also goes unchecked, users could upload any type of file. These vulnerabilities has been fixed in version 1.18.5.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-625h-q3g9-rffc | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/issues/4798 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:25.335Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-625h-q3g9-rffc", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-625h-q3g9-rffc" }, { "name": "https://github.com/dataease/dataease/issues/4798", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/4798" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.5" } ] } ], "descriptions": [ { "lang": "en", "value": "Dataease is an open source data visualization and analysis tool. The permissions for the file upload interface is not checked so users who are not logged in can upload directly to the background. The file type also goes unchecked, users could upload any type of file. These vulnerabilities has been fixed in version 1.18.5.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "NONE", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-79", "description": "CWE-79: Improper Neutralization of Input During Web Page Generation (\u0027Cross-site Scripting\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-24T20:39:23.223Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-625h-q3g9-rffc", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-625h-q3g9-rffc" }, { "name": "https://github.com/dataease/dataease/issues/4798", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/issues/4798" } ], "source": { "advisory": "GHSA-625h-q3g9-rffc", "discovery": "UNKNOWN" }, "title": "Dataease file upload interface does not verify permission or file type" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-28435", "datePublished": "2023-03-24T20:39:23.223Z", "dateReserved": "2023-03-15T15:59:10.053Z", "dateUpdated": "2024-08-02T12:38:25.335Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-28437
Vulnerability from cvelistv5
Published
2023-03-24 23:43
Modified
2024-08-02 12:38
Severity ?
EPSS score ?
Summary
Dataease is an open source data visualization and analysis tool. The blacklist for SQL injection protection is missing entries. This vulnerability has been fixed in version 1.18.5. There are no known workarounds.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-7j7j-9rw6-3r56 | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/issues/4795 | x_refsource_MISC | |
https://github.com/dataease/dataease/releases/tag/v1.18.5 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T12:38:25.347Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7j7j-9rw6-3r56", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7j7j-9rw6-3r56" }, { "name": "https://github.com/dataease/dataease/issues/4795", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/4795" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.5", "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.5" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.5" } ] } ], "descriptions": [ { "lang": "en", "value": "Dataease is an open source data visualization and analysis tool. The blacklist for SQL injection protection is missing entries. This vulnerability has been fixed in version 1.18.5. There are no known workarounds. " } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-89", "description": "CWE-89: Improper Neutralization of Special Elements used in an SQL Command (\u0027SQL Injection\u0027)", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-03-24T23:43:15.992Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-7j7j-9rw6-3r56", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-7j7j-9rw6-3r56" }, { "name": "https://github.com/dataease/dataease/issues/4795", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/issues/4795" }, { "name": "https://github.com/dataease/dataease/releases/tag/v1.18.5", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.18.5" } ], "source": { "advisory": "GHSA-7j7j-9rw6-3r56", "discovery": "UNKNOWN" }, "title": "SQL injection vulnerability due to the keyword blacklist for defending against SQL injection will be bypassed" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-28437", "datePublished": "2023-03-24T23:43:15.992Z", "dateReserved": "2023-03-15T15:59:10.054Z", "dateUpdated": "2024-08-02T12:38:25.347Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35164
Vulnerability from cvelistv5
Published
2023-06-26 21:17
Modified
2024-11-06 17:20
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.383Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.8", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35164", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T17:19:23.685947Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T17:20:03.844Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.8" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. In affected versions a missing authorization check allows unauthorized users to manipulate a dashboard created by the administrator. This vulnerability has been fixed in version 1.18.8. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "LOW", "baseScore": 6.3, "baseSeverity": "MEDIUM", "confidentialityImpact": "LOW", "integrityImpact": "LOW", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-862", "description": "CWE-862: Missing Authorization", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-26T21:17:25.623Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-grxm-fc3h-3qgj" } ], "source": { "advisory": "GHSA-grxm-fc3h-3qgj", "discovery": "UNKNOWN" }, "title": "Unauthorized users can manipulate a dashboard created by an administrator in DataEase" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-35164", "datePublished": "2023-06-26T21:17:25.623Z", "dateReserved": "2023-06-14T14:17:52.179Z", "dateUpdated": "2024-11-06T17:20:03.844Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-47073
Vulnerability from cvelistv5
Published
2024-11-07 17:31
Modified
2024-11-21 16:23
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends. In affected versions a the lack of signature verification of jwt tokens allows attackers to forge jwts which then allow access to any interface. The vulnerability has been fixed in v2.10.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-5jr4-wrm2-xj36 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "2.10.2", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2024-47073", "options": [ { "Exploitation": "none" }, { "Automatable": "yes" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-08T16:57:27.332087Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-21T16:23:47.430Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 2.10.2" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool that helps users quickly analyze data and gain insights into business trends. In affected versions a the lack of signature verification of jwt tokens allows attackers to forge jwts which then allow access to any interface. The vulnerability has been fixed in v2.10.2 and all users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-347", "description": "CWE-347: Improper Verification of Cryptographic Signature", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-11-07T17:31:23.535Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-5jr4-wrm2-xj36", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-5jr4-wrm2-xj36" } ], "source": { "advisory": "GHSA-5jr4-wrm2-xj36", "discovery": "UNKNOWN" }, "title": "Dataease arbitrary interface access vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-47073", "datePublished": "2024-11-07T17:31:23.535Z", "dateReserved": "2024-09-17T17:42:37.029Z", "dateUpdated": "2024-11-21T16:23:47.430Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-39312
Vulnerability from cvelistv5
Published
2022-10-25 00:00
Modified
2024-08-03 12:00
Severity ?
EPSS score ?
Summary
Dataease is an open source data visualization analysis tool. Dataease prior to 1.15.2 has a deserialization vulnerability. In Dataease, the Mysql data source in the data source function can customize the JDBC connection parameters and the Mysql server target to be connected. In `backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java`, the `MysqlConfiguration` class does not filter any parameters. If an attacker adds some parameters to a JDBC url and connects to a malicious mysql server, the attacker can trigger the mysql jdbc deserialization vulnerability. Through the deserialization vulnerability, the attacker can execute system commands and obtain server privileges. Version 1.15.2 contains a patch for this issue.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T12:00:44.107Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-q4qq-jhjv-7rh2" }, { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/pull/3328" }, { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/commit/956ee2d6c9e81349a60aef435efc046888e10a6d" }, { "tags": [ "x_transferred" ], "url": "https://github.com/dataease/dataease/releases/tag/v1.15.2" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.15.2" } ] } ], "descriptions": [ { "lang": "en", "value": "Dataease is an open source data visualization analysis tool. Dataease prior to 1.15.2 has a deserialization vulnerability. In Dataease, the Mysql data source in the data source function can customize the JDBC connection parameters and the Mysql server target to be connected. In `backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java`, the `MysqlConfiguration` class does not filter any parameters. If an attacker adds some parameters to a JDBC url and connects to a malicious mysql server, the attacker can trigger the mysql jdbc deserialization vulnerability. Through the deserialization vulnerability, the attacker can execute system commands and obtain server privileges. Version 1.15.2 contains a patch for this issue." } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] }, { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2022-10-25T00:00:00", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "url": "https://github.com/dataease/dataease/security/advisories/GHSA-q4qq-jhjv-7rh2" }, { "url": "https://github.com/dataease/dataease/pull/3328" }, { "url": "https://github.com/dataease/dataease/commit/956ee2d6c9e81349a60aef435efc046888e10a6d" }, { "url": "https://github.com/dataease/dataease/releases/tag/v1.15.2" } ], "source": { "advisory": "GHSA-q4qq-jhjv-7rh2", "discovery": "UNKNOWN" }, "title": "Dataease Mysql Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2022-39312", "datePublished": "2022-10-25T00:00:00", "dateReserved": "2022-09-02T00:00:00", "dateUpdated": "2024-08-03T12:00:44.107Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-55952
Vulnerability from cvelistv5
Published
2024-12-18 18:49
Modified
2024-12-18 19:16
Severity ?
EPSS score ?
Summary
DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as ip:5432/test/?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext&socketFactoryArg=http://ip:5432/1.xml&a= can trigger the ClassPathXmlApplicationContext construction method. The vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-w8qm-xw38-93qw | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-55952", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "total" } ], "role": "CISA Coordinator", "timestamp": "2024-12-18T19:06:26.247459Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-12-18T19:16:19.747Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.27" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source business analytics tool. Authenticated users can remotely execute code through the backend JDBC connection. When constructing the jdbc connection string, the parameters are not filtered. Constructing the host as ip:5432/test/?socketFactory=org.springframework.context.support.ClassPathXmlApplicationContext\u0026socketFactoryArg=http://ip:5432/1.xml\u0026a= can trigger the ClassPathXmlApplicationContext construction method. The vulnerability has been fixed in v1.18.27. Users are advised to upgrade. There are no known workarounds for this vulnerability." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 8.6, "baseSeverity": "HIGH", "privilegesRequired": "LOW", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-20", "description": "CWE-20: Improper Input Validation", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-12-18T18:49:24.214Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-w8qm-xw38-93qw", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-w8qm-xw38-93qw" }, { "name": "https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/0db4872a52eccf6e83dd9359aa05db52dd580ec1" } ], "source": { "advisory": "GHSA-w8qm-xw38-93qw", "discovery": "UNKNOWN" }, "title": "Dataease Redshift Data Source JDBC Connection Parameters Not Verified Leads to RCE Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-55952", "datePublished": "2024-12-18T18:49:24.214Z", "dateReserved": "2024-12-13T17:47:38.371Z", "dateUpdated": "2024-12-18T19:16:19.747Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2024-47074
Vulnerability from cvelistv5
Published
2024-10-11 14:45
Modified
2024-10-11 19:59
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool. In Dataease, the PostgreSQL data source in the data source function can customize the JDBC connection parameters and the PG server target to be connected. In backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, PgConfiguration class don't filter any parameters, directly concat user input. So, if the attacker adds some parameters in JDBC url, and connect to evil PG server, the attacker can trigger the PG jdbc deserialization vulnerability, and eventually the attacker can execute through the deserialization vulnerability system commands and obtain server privileges. The vulnerability has been fixed in v1.18.25.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-jgg7-w629-wcpc | x_refsource_CONFIRM | |
https://github.com/dataease/dataease/commit/86eafc4d77f0bbc0eaa7fc58e5076a085257f259 | x_refsource_MISC |
{ "containers": { "adp": [ { "metrics": [ { "other": { "content": { "id": "CVE-2024-47074", "options": [ { "Exploitation": "none" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-10-11T19:59:20.591287Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-10-11T19:59:38.971Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.25" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool. In Dataease, the PostgreSQL data source in the data source function can customize the JDBC connection parameters and the PG server target to be connected. In backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java, PgConfiguration class don\u0027t filter any parameters, directly concat user input. So, if the attacker adds some parameters in JDBC url, and connect to evil PG server, the attacker can trigger the PG jdbc deserialization vulnerability, and eventually the attacker can execute through the deserialization vulnerability system commands and obtain server privileges. The vulnerability has been fixed in v1.18.25." } ], "metrics": [ { "cvssV4_0": { "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "baseScore": 9.3, "baseSeverity": "CRITICAL", "privilegesRequired": "NONE", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-502", "description": "CWE-502: Deserialization of Untrusted Data", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2024-10-11T14:45:31.107Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-jgg7-w629-wcpc", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-jgg7-w629-wcpc" }, { "name": "https://github.com/dataease/dataease/commit/86eafc4d77f0bbc0eaa7fc58e5076a085257f259", "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/commit/86eafc4d77f0bbc0eaa7fc58e5076a085257f259" } ], "source": { "advisory": "GHSA-jgg7-w629-wcpc", "discovery": "UNKNOWN" }, "title": "Dataease PostgreSQL Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2024-47074", "datePublished": "2024-10-11T14:45:31.107Z", "dateReserved": "2024-09-17T17:42:37.029Z", "dateUpdated": "2024-10-11T19:59:38.971Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2022-23331
Vulnerability from cvelistv5
Published
2022-02-08 12:29
Modified
2024-08-03 03:36
Severity ?
EPSS score ?
Summary
In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/issues/1618 | x_refsource_MISC |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-03T03:36:20.404Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://github.com/dataease/dataease/issues/1618" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "descriptions": [ { "lang": "en", "value": "In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2022-02-08T12:29:28", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "https://github.com/dataease/dataease/issues/1618" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2022-23331", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "In DataEase v1.6.1, an authenticated user can gain unauthorized access to all user information and can change the administrator password." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "https://github.com/dataease/dataease/issues/1618", "refsource": "MISC", "url": "https://github.com/dataease/dataease/issues/1618" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2022-23331", "datePublished": "2022-02-08T12:29:28", "dateReserved": "2022-01-18T00:00:00", "dateUpdated": "2024-08-03T03:36:20.404Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
cve-2023-35168
Vulnerability from cvelistv5
Published
2023-06-26 20:11
Modified
2024-11-06 17:28
Severity ?
EPSS score ?
Summary
DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. Affected versions of DataEase has a privilege bypass vulnerability where ordinary users can gain access to the user database. Exposed information includes md5 hashes of passwords, username, email, and phone number. The vulnerability has been fixed in v1.18.8. Users are advised to upgrade. There are no known workarounds for the vulnerability.
References
▼ | URL | Tags |
---|---|---|
https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-02T16:23:59.689Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv", "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv" } ], "title": "CVE Program Container" }, { "affected": [ { "cpes": [ "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*" ], "defaultStatus": "unknown", "product": "dataease", "vendor": "dataease", "versions": [ { "lessThan": "1.18.8", "status": "affected", "version": "0", "versionType": "custom" } ] } ], "metrics": [ { "other": { "content": { "id": "CVE-2023-35168", "options": [ { "Exploitation": "poc" }, { "Automatable": "no" }, { "Technical Impact": "partial" } ], "role": "CISA Coordinator", "timestamp": "2024-11-06T17:25:40.929981Z", "version": "2.0.3" }, "type": "ssvc" } } ], "providerMetadata": { "dateUpdated": "2024-11-06T17:28:10.193Z", "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP" }, "title": "CISA ADP Vulnrichment" } ], "cna": { "affected": [ { "product": "dataease", "vendor": "dataease", "versions": [ { "status": "affected", "version": "\u003c 1.18.8" } ] } ], "descriptions": [ { "lang": "en", "value": "DataEase is an open source data visualization analysis tool to analyze data and gain insight into business trends. Affected versions of DataEase has a privilege bypass vulnerability where ordinary users can gain access to the user database. Exposed information includes md5 hashes of passwords, username, email, and phone number. The vulnerability has been fixed in v1.18.8. Users are advised to upgrade. There are no known workarounds for the vulnerability.\n" } ], "metrics": [ { "cvssV3_1": { "attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "NONE", "baseScore": 6.5, "baseSeverity": "MEDIUM", "confidentialityImpact": "HIGH", "integrityImpact": "NONE", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N", "version": "3.1" } } ], "problemTypes": [ { "descriptions": [ { "cweId": "CWE-732", "description": "CWE-732: Incorrect Permission Assignment for Critical Resource", "lang": "en", "type": "CWE" } ] } ], "providerMetadata": { "dateUpdated": "2023-06-26T20:11:04.044Z", "orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M" }, "references": [ { "name": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv", "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-c2r2-68p6-73xv" } ], "source": { "advisory": "GHSA-c2r2-68p6-73xv", "discovery": "UNKNOWN" }, "title": "DataEase has a privilege bypass vulnerability" } }, "cveMetadata": { "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "assignerShortName": "GitHub_M", "cveId": "CVE-2023-35168", "datePublished": "2023-06-26T20:11:04.044Z", "dateReserved": "2023-06-14T14:17:52.179Z", "dateUpdated": "2024-11-06T17:28:10.193Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }