Application Details
The CData API Server is a lightweight application that allows developers to create and expose data APIs, for any supported data source, without the need for custom development.
Vulnerability
The Java version of CData API Server < 23.4.8844 could allow a remote attacker to traverse directories on the system, caused by a flaw when running using the embedded Jetty server.
Identification
An attacker could send a specially crafted URL request containing "dot dot" sequences (/../) to gain complete administrative access to the application.
GET /ui/..%5Csrc%5CgetSettings.rsb?@json
Detection
By turning this into a traffic file and matching rule, we are able to detect attempts by an unauthenticated remote attacker at directory traversal leading to complete administrative access to the application.
Coverage
Idappcom have created signature 8024917 along with a traffic file for this vulnerability.
References
Traffic IQ
If you are concerned that your business may be at risk of this vulnerability or others why not try out our Traffic IQ software which can scan your defences and report any issues. Learn more here: https://www.idappcom.co.uk/traffic-iq-professional
Comments