Thursday, October 3, 2024
Multiple CData Vulnerabilities Let Attackers Bypass Security Restrictions

A path traversal vulnerability was discovered in the Java versions of multiple CData products when using the embedded Jetty server, allowing remote attackers to potentially access sensitive information and perform limited actions on the system. 

The vulnerability arises from the interplay between how the embedded Jetty server and CData servlets handle incoming requests, creating a path traversal issue where an attacker can manipulate the path to access unintended directories on the system.

An attacker can exploit a path traversal vulnerability in CData Sync versions before 23.4.8843. The flaw stems from unintended Jetty behavior when the server processes the servlet mappings and security constraints declared in the application's web.xml file.

CData Vulnerabilities Bypass Security Restrictions

Jetty’s handling of backslashes (\) in URIs differs from that of other servers, which allows attackers to bypass the configured restrictions; in addition, the lack of proper session checks on certain endpoints makes it possible to perform unauthorized actions once the path traversal has been exploited.
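The failure mode described above and in the preceding paragraph is a mismatch between the path a security constraint is evaluated against and the path the servlet layer ultimately resolves. The following added example (not CData's or Jetty's code) models that mismatch in Python: a naive authorizer matches the web.xml-style constraint against the raw URI, while the hardened one canonicalizes the URI first (percent-decoding, treating backslashes as separators, resolving dot-segments) and applies the constraint to the result. It also shows the detection check a defender can run over access logs: flag any request whose raw and canonical paths differ. The constraint table, the session requirement on `/src/*`, the sample request paths and the log lines are all constructed for illustration; only the `/src/getSettings.rsb` endpoint name comes from the page.

```python
"""Normalize-before-authorize for servlet-style URL security constraints.

Added example, not code from CData or Jetty. It models two layers that see
different paths: a constraint matcher working on the raw request URI and a
servlet layer that resolves backslashes and dot-segments. Constraint patterns,
session requirements, sample paths and log lines below are constructed.
"""
from typing import List, Optional, Tuple
from urllib.parse import unquote

# Constructed web.xml-style constraints: url-pattern -> session required?
# (assumption: settings/admin servlets under /src/ require a session)
CONSTRAINTS = {
    "/src/*": True,
    "/public/*": False,
}


def canonicalize(raw_uri: str) -> Optional[str]:
    """Return the canonical absolute path, or None if it escapes the web root.

    Steps: drop the query string, percent-decode (twice, to defeat double
    encoding such as %255c), treat '\\' as a separator, collapse empty and '.'
    segments, and resolve '..' against the segments collected so far.
    """
    path = raw_uri.split("?", 1)[0]
    for _ in range(2):
        path = unquote(path)
    path = path.replace("\\", "/")
    segments: List[str] = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not segments:
                return None  # would climb above the web root: reject outright
            segments.pop()
        else:
            segments.append(seg)
    return "/" + "/".join(segments)


def _matches(pattern: str, path: str) -> bool:
    """Servlet-style path match: '/x/*' matches '/x' and anything under '/x/'."""
    if pattern.endswith("/*"):
        return path == pattern[:-2] or path.startswith(pattern[:-1])
    return path == pattern


def requires_session(path: str) -> bool:
    """Longest matching url-pattern wins; unmatched paths are denied by default."""
    best: Optional[Tuple[str, bool]] = None
    for pattern, needs in CONSTRAINTS.items():
        if _matches(pattern, path) and (best is None or len(pattern) > len(best[0])):
            best = (pattern, needs)
    return True if best is None else best[1]


def naive_authorize(raw_uri: str, has_session: bool) -> bool:
    """Weak shape: the constraint is evaluated on the raw, un-normalized URI."""
    return has_session or not requires_session(raw_uri)


def hardened_authorize(raw_uri: str, has_session: bool) -> bool:
    """Corrected shape: canonicalize first, then evaluate the constraint."""
    canon = canonicalize(raw_uri)
    if canon is None:
        return False
    return has_session or not requires_session(canon)


# Constructed access-log lines (common log format), not real traffic.
SAMPLE_LOG = [
    '10.0.0.5 - - [05/Apr/2024:10:00:01 +0000] "GET /public/index.html HTTP/1.1" 200 512',
    '10.0.0.9 - - [05/Apr/2024:10:00:02 +0000] "GET /public/..%5Csrc/getSettings.rsb HTTP/1.1" 200 2048',
    '10.0.0.9 - - [05/Apr/2024:10:00:03 +0000] "GET /src/getSettings.rsb HTTP/1.1" 401 0',
]


def flag_suspicious(lines: List[str]) -> List[Tuple[str, Optional[str]]]:
    """Return (raw_path, canonical_path) for requests whose two forms differ.

    A request that only reaches its target after normalization is the signature
    of the layer mismatch modelled above, so it is worth reviewing even when the
    response code looks ordinary.
    """
    flagged = []
    for line in lines:
        start = line.find('"') + 1
        request = line[start:line.find('"', start)]
        parts = request.split(" ")
        if len(parts) < 2:
            continue
        raw = parts[1].split("?", 1)[0]
        canon = canonicalize(raw)
        if canon is None or canon != raw:
            flagged.append((raw, canon))
    return flagged


if __name__ == "__main__":
    probe = "/public/..\\src/getSettings.rsb"  # constructed, not the reported vector
    print("naive:", naive_authorize(probe, has_session=False))
    print("hardened:", hardened_authorize(probe, has_session=False))
    print("flagged:", flag_suspicious(SAMPLE_LOG))
```

The design point is that the component enforcing a security constraint must see the same path the component serving the request sees; the cheapest way to guarantee that is a single canonicalization step that both consume, with any path that climbs above the root rejected rather than clamped. The log check is deliberately simple: it does not need to know the specific endpoint, only that normalization changed the path.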

CData API Server versions prior to 23.4.8844 for Java with the embedded Jetty server are vulnerable to a path traversal attack (CVE-2024-31848), which allows unauthenticated remote attackers to exploit improper path validation to access arbitrary files on the system.

Successful exploitation could grant complete administrative control of the application; the Common Vulnerability Scoring System (CVSS) assigns a score of 9.8, reflecting the critical severity of this flaw.

CData Connect, a Java application running on the embedded Jetty server prior to version 23.4.8846, is vulnerable to a critical path traversal attack (CVE-2024-31849). 

The weakness allows unauthenticated, remote attackers to exploit the application’s directory traversal functionality to gain complete administrative access.

With a CVSS base score of 9.8, the vulnerability poses a serious risk, and immediate patching is recommended.

Figure: Regular Request

When using the embedded Jetty server, CData Arc, a Java application with versions prior to 23.4.8839, is vulnerable to a path traversal attack that a remote, unauthenticated attacker can use to access sensitive data and potentially carry out limited actions on the system.  

According to Tenable, the attacker can manipulate the path to access files outside the intended directory structure, expose sensitive data, or make unauthorized modifications.

Figure: With Path Traversal

CData Sync, a data integration software, is vulnerable to a path traversal attack (CVE-2024-31851) when using the embedded Jetty server in its Java version prior to 23.4.8843. 

A remote, unauthenticated attacker could take advantage of this flaw to access sensitive data and potentially carry out limited actions on the system.

The Common Vulnerability Scoring System (CVSS) assigns a base score of 8.6 to this vulnerability, reflecting its high severity. 

In the affected CData products, reaching “/src/getSettings.rsb” could expose sensitive data. The issue was disclosed to CData on March 4th, 2024, and acknowledged two days later; CData released updates to address it on March 25th, 2024, and a public advisory was published on April 5th, 2024.

Eswar
Eswar is a Cyber security content editor with a passion for creating captivating and informative content. With years of experience under his belt in Cyber Security, he is covering Cyber Security News, technology and other news.