CData.Jetty.Server.Directory.Traversal
Description
This indicates an attack attempt to exploit a Path Traversal Vulnerability in multiple CData products when deployed using the embedded Jetty server.
The vulnerability is due to insufficient sanitizing of user-supplied input. An attacker can exploit this issue to gain administrator privileges on the application.
Affected Products
CData API Server prior to 23.4.8844
CData Connect prior to 23.4.8846
CData Arc prior to 23.4.8839
CData Sync prior to 23.4.8843
Impact
Privilege Escalation: Attackers can leverage their privileges on vulnerable systems.
Recommended Actions
Apply the most recent upgrade or patch from the vendor.
https://www.cdata.com/kb/entries/jetty-cve-0324.rst
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2024-04-18 | 27.771 |