CVE-2022-47874 | Vulnerability Database | Aqua Security

NVD

https://nvd.nist.gov/vuln/detail/CVE-2022-47874

CWE

https://cwe.mitre.org/data/definitions/NVD-Other.html

Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class com.jedox.etl.mngr.Connections and method getGlobalConnection.

Affected Software

Name	Vendor	Start Version	End Version
Cloud	Jedox	- (including)	- (including)
Jedox	Jedox	2020.2.5 (including)	2020.2.5 (including)

References

http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html
https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf
http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html
https://docs.syslifters.com/assets/vulnerability-disclosure/Vulnerability-Disclosure-Jedox-Jedox-04-2023.pdf