漏洞标题
Dataease Mysql数据源JDBC连接参数未验证导致解序列化漏洞
漏洞描述信息
Dataease Mysql 数据源 JDBC 连接参数未验证导致反序列化漏洞
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
漏洞类别
N/A
漏洞标题
Dataease Mysql Data Source JDBC Connection Parameters Not Verified Leads to Deserialization Vulnerability
漏洞描述信息
Dataease is an open source data visualization analysis tool. Dataease prior to 1.15.2 has a deserialization vulnerability. In Dataease, the Mysql data source in the data source function can customize the JDBC connection parameters and the Mysql server target to be connected. In `backend/src/main/java/io/dataease/provider/datasource/JdbcProvider.java`, the `MysqlConfiguration` class does not filter any parameters. If an attacker adds some parameters to a JDBC url and connects to a malicious mysql server, the attacker can trigger the mysql jdbc deserialization vulnerability. Through the deserialization vulnerability, the attacker can execute system commands and obtain server privileges. Version 1.15.2 contains a patch for this issue.
CVSS信息
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
漏洞类别
输入验证不恰当
漏洞标题
DataEase 代码问题漏洞
漏洞描述信息
DataEase是一个开源的数据可视化分析工具。用于帮助用户快速分析数据并洞察业务趋势,从而实现业务的改进与优化。 DataEase 1.15.2之前版本存在安全漏洞,该漏洞源于存在反序列化漏洞,数据源函数中的Mysql数据源可以自定义JDBC连接参数和要连接的Mysql服务器目标,由于不过滤任何参数,如果攻击者在JDBC url中添加一些参数并连接到恶意的mysql服务器,可以触发mysql jdbc反序列化漏洞,进而可以执行系统命令并获取服务器权限。
CVSS信息
N/A
漏洞类别
代码问题