9.8 CVE-2025-53005

Exploit
 

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in DataEase's PostgreSQL Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11.
https://nvd.nist.gov/vuln/detail/CVE-2025-53005

Categories

CWE-153 : Improper Neutralization of Substitution Characters
The product receives input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could be interpreted as substitution characters when they are sent to a downstream component.

Developers should anticipate that substitution characters will be injected/removed/manipulated in the input vectors of their product. Use an appropriate combination of denylists and allowlists to ensure only valid, expected and appropriate input is processed by the system.

While it is risky to use dynamically-generated query strings, code, or commands that mix control and data together, sometimes it may be unavoidable. Properly quote arguments and escape any special characters within those arguments. The most conservative approach is to escape or filter all characters that do not pass an extremely strict allowlist (such as everything that is not alphanumeric or white space). If some special characters are still needed, such as white space, wrap each argument in quotes after the escaping/filtering step. Be careful of argument injection (CWE-88).

Inputs should be decoded and canonicalized to the application's current internal representation before being validated (CWE-180). Make sure that the application does not decode the same input twice (CWE-174). Such errors could be used to bypass allowlist validation schemes by introducing dangerous inputs after they have been checked.

Server trusts client to expand macros, allows macro characters to be expanded to trigger resultant information exposure.

References

134c704f-9b21-4f2e-91b3-4a467353bcc0 Exploit

security-advisories@github.com Exploit


 

CPE

cpe start end
Configuration 1
cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:* < 2.10.11


REMEDIATION




EXPLOITS


Exploit-db.com

id description date
No known exploits

POC Github

Url
No known exploits

Other Nist (github, ...)

Url
https://github.com/dataease/dataease/security/advisories/GHSA-99c4-h4fq-r23v


CAPEC


Common Attack Pattern Enumerations and Classifications

id description severity
No entry