Vulnerability Details CVE-2022-47874
Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.268
EPSS Ranking 96.1%
CVSS Severity
CVSS v3 Score 6.5
References
- http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html
- https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf
- http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html
- https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf