CVE-2022-47879

Name of the Vulnerable Software and Affected Versions Jedox version 2020.2.5

Description A Remote Code Execution (RCE) issue allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods via the /be/rpc.php endpoint.

Recommendations For Jedox version 2020.2.5, as a temporary workaround, consider restricting access to the /be/rpc.php endpoint to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.