Sunday, May 19, 2024

Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions

A path traversal vulnerability was discovered in the Java versions of multiple CData products when using the embedded Jetty server, allowing remote attackers to potentially access sensitive information and perform limited actions on the system. 

The vulnerability arises from the interplay between how the embedded Jetty server and CData servlets handle incoming requests, creating a path traversal issue where an attacker can manipulate the path to access unintended directories on the system.

An attacker can exploit a path traversal vulnerability in CData Sync versions before 23.4.8843, which stems from unintended Jetty behavior when processing servlet mappings and security constraints in the web.xml file.

CData Vulnerabilities Bypass Security Restrictions

Jetty’s handling of backslashes (\) in URIs differs from other servers, allowing attackers to bypass restrictions, while the lack of proper session checks on certain endpoints makes it possible to perform unauthorized actions after exploiting the path traversal.

Document
Stop Advanced Phishing Attack With AI

AI-Powered Protection for Business Email Security

Trustifi’s Advanced threat protection prevents the widest spectrum of sophisticated attacks before they reach a user’s mailbox. Stopping 99% of phishing attacks missed by other email security solutions. .

CData API Server versions prior to 23.4.8844 for Java with the embedded Jetty server are vulnerable to a path traversal attack (CVE-2024-31848), which allows unauthenticated remote attackers to exploit improper path validation to access arbitrary files on the system.  

It could potentially grant complete administrative control of the application, as the Common Vulnerability Scoring System (CVSS) assigns a score of 9.8, reflecting the critical severity of this exploit. 

CData Connect, a Java application running on the embedded Jetty server prior to version 23.4.8846, is vulnerable to a critical path traversal attack (CVE-2024-31849). 

The weakness allows unauthenticated, remote attackers to exploit the application’s directory traversal functionality to gain complete administrative access.

With a CVSS base score of 9.8, vulnerability poses a serious risk and immediate patching is recommended. 

Regular Request

When using the embedded Jetty server, CData Arc, a Java application with versions prior to 23.4.8839, is vulnerable to a path traversal attack that a remote, unauthenticated attacker can use to access sensitive data and potentially carry out limited actions on the system.  

According to Tenable, the attacker can manipulate the path to access files outside the intended directory structure, expose sensitive data, or allow unauthorized modifications. Z

With Path Traversal

CData Sync, a data integration software, is vulnerable to a path traversal attack (CVE-2024-31851) when using the embedded Jetty server in its Java version prior to 23.4.8843. 

A remote, unauthenticated attacker could take advantage of this flaw to access sensitive data and potentially carry out limited actions on the system.

The Common Vulnerability Scoring System (CVSS) assigns a base score of 8.6 to this vulnerability, reflecting its high severity. 

The security vulnerability was found in CData products, where accessing “/src/getSettings.rsb” could expose sensitive data, which was disclosed to CData on March 4th, 2024, and acknowledged two days later, while CData released updates to address this vulnerability on March 25th, 2024, and a public advisory was published on April 5th, 2024.

Secure your emails in a heartbeat! Take Trustifi free 30-second assessment and get matched with your ideal email security vendor - Try Here
Website

Latest articles

Hackers Exploiting Docusign With Phishing Attack To Steal Credentials

Hackers prefer phishing as it exploits human vulnerabilities rather than technical flaws which make...

Norway Recommends Replacing SSLVPN/WebVPN to Stop Cyber Attacks

A very important message from the Norwegian National Cyber Security Centre (NCSC) says that...

New Linux Backdoor Attacking Linux Users Via Installation Packages

Linux is widely used in numerous servers, cloud infrastructure, and Internet of Things devices,...

ViperSoftX Malware Uses Deep Learning Model To Execute Commands

ViperSoftX malware, known for stealing cryptocurrency information, now leverages Tesseract, an open-source OCR engine,...

Santander Data Breach: Hackers Accessed Company Database

Santander has confirmed that there was a major data breach that affected its workers...

U.S. Govt Announces Rewards up to $5 Million for North Korean IT Workers

The U.S. government has offered a prize of up to $5 million for information...

Russian APT Hackers Attacking Critical Infrastructure

Russia leverages a mix of state-backed Advanced Persistent Threat (APT) groups and financially motivated...
Eswar
Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.

Free Webinar

Live API Attack Simulation

94% of organizations experience security problems in production APIs, and one in five suffers a data breach. As a result, cyber-attacks on APIs increased from 35% in 2022 to 46% in 2023, and this trend continues to rise.
Key takeaways include:

  • An exploit of OWASP API Top 10 vulnerability
  • A brute force ATO (Account Takeover) attack on API
  • A DDoS attack on an API
  • Positive security model automation to prevent API attacks

Related Articles