Brecht Snijders

**Name of the Vulnerable Software and Affected Versions** DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 DataDirect Connect for JDBC for Hive versions through 6.0.1.001499 DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155 DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222 DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961 DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717 DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454 DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279 DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712 DataDirect Connect for JDBC for Informix versions through 6.0.0.000690 DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161 DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936 DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559 DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654 DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330 DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747 DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438 DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225 DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298 DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843 DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187 DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020 DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879 DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818 DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161 DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821 DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309 DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607 DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223 DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316 DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177 DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019 **Description** The software contains an Improper Control of Generation of Code issue, specifically a Code Injection flaw. The `SpyAttribute` connection option, used with the `log=(file)` construct, allows a user to specify an arbitrary file for the JDBC driver to write log information to. If an application permits a user to define a value for the `SpyAttributes` connection option, an attacker could potentially write JavaScript code to a log file. If this log file is located in a directory accessible by the application server and has the correct extension, the server might interpret it as a resource to be served. An attacker could then request this resource, leading to the execution of the injected JavaScript code. **Recommendations** For DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392, upgrade to version 6.0.0.001541. For DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805, upgrade to version 6.0.0.000833. For DataDirect Connect for JDBC for Hive versions through 6.0.1.001499, upgrade to version 6.0.1.001628. For DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155, upgrade to version 6.0.0.001279. For DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222, upgrade to version 6.0.1.001344. For DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961, upgrade to version 6.0.1.007063. For DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717, upgrade to version 6.0.0.000964. For DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454, upgrade to version 6.0.0.000525. For DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279, upgrade to version 6.0.0.002410. For DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712, upgrade to version 6.0.0.001727. For DataDirect Connect for JDBC for Informix versions through 6.0.0.000690, upgrade to version 6.0.0.0851. For DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161, upgrade to version 6.0.0.3198. For DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936, upgrade to version 6.0.0.001957. For DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559, upgrade to version 6.0.0.001587. For DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654, upgrade to version 6.1.0.001669. For DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330, upgrade to version 5.1.4.000364. For DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747, upgrade to version 6.0.0.001776. For DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438, upgrade to version 6.0.0.001458. For DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225, upgrade to version 6.0.0.001316. For DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298, upgrade to version 5.1.4.000309. For DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843, upgrade to version 6.0.0.001856. For DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187, upgrade to version 5.1.4.000189. For DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020, upgrade to version 6.0.0.003125. For DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879, this product is retired. For DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818, upgrade to version 6.0.1.001858. For DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161, upgrade to version 5.1.4.000162. For DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821, upgrade to version 6.0.1.001856. For DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309, upgrade to version 4.6.2.3430. For DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607, upgrade to version 4.6.2.1023. For DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223, upgrade to version 4.6.2.1339. For DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316, upgrade to version 4.6.2.3430. For DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177, upgrade to version 8.1.0.0183. For DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019, upgrade to version 9.0.0.0022.

**Name of the Vulnerable Software and Affected Versions** Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392 Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805 Progress DataDirect Connect for JDBC for Hive versions through 6.0.1.001499 Progress DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155 Progress DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222 Progress DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961 Progress DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717 Progress DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454 Progress DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279 Progress DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712 Progress DataDirect Connect for JDBC for Informix versions through 6.0.0.000690 Progress DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161 Progress DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936 Progress DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559 Progress DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654 Progress DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330 Progress DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747 Progress DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438 Progress DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225 Progress DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298 Progress DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843 Progress DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187 Progress DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020 Progress DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879 Progress DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818 Progress DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161 Progress DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821 DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309 DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607 DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223 DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316 DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177 DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019 **Description** The software is susceptible to a code injection issue due to improper control of code generation. The `SpyAttribute` connection option allows an attacker to load and execute arbitrary classes on the class path if the application permits user-specified values for this option. This can lead to remote code inclusion. **Recommendations** Progress DataDirect Connect for JDBC for Amazon Redshift versions through 6.0.0.001392: Upgrade to version 6.0.0.001541 or later. Progress DataDirect Connect for JDBC for Apache Cassandra versions through 6.0.0.000805: Upgrade to version 6.0.0.000833 or later. Progress DataDirect Connect for JDBC for Hive versions through 6.0.1.001499: Upgrade to version 6.0.1.001628 or later. Progress DataDirect Connect for JDBC for Apache Impala versions through 6.0.0.001155: Upgrade to version 6.0.0.001279 or later. Progress DataDirect Connect for JDBC for Apache SparkSQL versions through 6.0.1.001222: Upgrade to version 6.0.1.001344 or later. Progress DataDirect Connect for JDBC Autonomous REST Connector versions through 6.0.1.006961: Upgrade to version 6.0.1.007063 or later. Progress DataDirect Connect for JDBC for DB2 versions through 6.0.0.000717: Upgrade to version 6.0.0.000964 or later. Progress DataDirect Connect for JDBC for Google Analytics 4 versions through 6.0.0.000454: Upgrade to version 6.0.0.000525 or later. Progress DataDirect Connect for JDBC for Google BigQuery versions through 6.0.0.002279: Upgrade to version 6.0.0.002410 or later. Progress DataDirect Connect for JDBC for Greenplum versions through 6.0.0.001712: Upgrade to version 6.0.0.001727 or later. Progress DataDirect Connect for JDBC for Informix versions through 6.0.0.000690: Upgrade to version 6.0.0.0851 or later. Progress DataDirect Connect for JDBC for Microsoft Dynamics 365 versions through 6.0.0.003161: Upgrade to version 6.0.0.3198 or later. Progress DataDirect Connect for JDBC for Microsoft SQLServer versions through 6.0.0.001936: Upgrade to version 6.0.0.001957 or later. Progress DataDirect Connect for JDBC for Microsoft Sharepoint versions through 6.0.0.001559: Upgrade to version 6.0.0.001587 or later. Progress DataDirect Connect for JDBC for MongoDB versions through 6.1.0.001654: Upgrade to version 6.1.0.001669 or later. Progress DataDirect Connect for JDBC for MySQL versions through 5.1.4.000330: Upgrade to version 5.1.4.000364 or later. Progress DataDirect Connect for JDBC for Oracle Database versions through 6.0.0.001747: Upgrade to version 6.0.0.001776 or later. Progress DataDirect Connect for JDBC for Oracle Eloqua versions through 6.0.0.001438: Upgrade to version 6.0.0.001458 or later. Progress DataDirect Connect for JDBC for Oracle Sales Cloud versions through 6.0.0.001225: Upgrade to version 6.0.0.001316 or later. Progress DataDirect Connect for JDBC for Oracle Service Cloud versions through 5.1.4.000298: Upgrade to version 5.1.4.000309 or later. Progress DataDirect Connect for JDBC for PostgreSQL versions through 6.0.0.001843: Upgrade to version 6.0.0.001856 or later. Progress DataDirect Connect for JDBC for Progress OpenEdge versions through 5.1.4.000187: Upgrade to version 5.1.4.000189 or later. Progress DataDirect Connect for JDBC for Salesforce versions through 6.0.0.003020: Upgrade to version 6.0.0.003125 or later. Progress DataDirect Connect for JDBC for SAP HANA versions through 6.0.0.000879: This product is retired. Progress DataDirect Connect for JDBC for SAP S/4 HANA versions through 6.0.1.001818: Upgrade to version 6.0.1.001858 or later. Progress DataDirect Connect for JDBC for Sybase ASE versions through 5.1.4.000161: Upgrade to version 5.1.4.000162 or later. Progress DataDirect Connect for JDBC for Snowflake versions through 6.0.1.001821: Upgrade to version 6.0.1.001856 or later. DataDirect Hybrid Data Pipeline Server versions through 4.6.2.3309: Upgrade to version 4.6.2.3430 or later. DataDirect Hybrid Data Pipeline JDBC Driver versions through 4.6.2.0607: Upgrade to version 4.6.2.1023 or later. DataDirect Hybrid Data Pipeline On Premises Connector versions through 4.6.2.1223: Upgrade to version 4.6.2.1339 or later. DataDirect Hybrid Data Pipeline Docker versions through 4.6.2.3316: Upgrade to version 4.6.2.3430 or later. DataDirect OpenAccess JDBC Driver versions through 8.1.0.0177: Upgrade to version 8.1.0.0183 or later. DataDirect OpenAccess JDBC Driver versions through 9.0.0.0019: Upgrade to version 9.0.0.0022 or later.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered in RWS WorldServer where the /clientLogin endpoint deserializes Java objects without authentication, leading to command execution on the host. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the /clientLogin endpoint until a patch is available.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered that allows regular users to create users with the Administrator role via `UserWSUserManager`. This enables unauthorized elevation of privileges. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `UserWSUserManager` to prevent unauthorized user creation.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered that allows an authenticated, remote attacker to perform a blind SSRF attack using the `ws-legacy/load dtd?system id=` endpoint to deploy JSP code to the Apache Axis service running on the localhost interface, leading to command execution. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the `ws-legacy/load dtd` endpoint until a patch is available. Avoid using the `system id` parameter in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** RWS WorldServer versions prior to 11.7.3 **Description** An issue was discovered in RWS WorldServer where adding a token parameter with the value of `02` bypasses all authentication requirements. This allows arbitrary Java code to be uploaded and executed via a `.jar` archive to the "ws-api/v2/customizations/api" endpoint. **Recommendations** For versions prior to 11.7.3, update to version 11.7.3 or later to resolve the issue. As a temporary workaround, consider restricting access to the "ws-api/v2/customizations/api" endpoint until a patch is available. Avoid using the `token` parameter with the value of `02` in the affected API endpoint until the issue is resolved.

**Name of the Vulnerable Software and Affected Versions** ESET NOD32 Antivirus versions prior to 15.1.12.0 ESET Internet Security versions prior to 15.1.12.0 ESET Smart Security Premium versions prior to 15.1.12.0 ESET Endpoint Antivirus versions prior to 9.0.2046.0 ESET Endpoint Security versions prior to 9.0.2046.0 ESET Server Security for Microsoft Windows Server versions prior to 9.0.12012.0 ESET File Security for Microsoft Windows Server version 8.0.12013.0 ESET Mail Security for Microsoft Exchange Server versions prior to 8.0.10020.0 ESET Mail Security for IBM Domino versions prior to 8.0.14011.0 ESET Security for Microsoft SharePoint Server versions prior to 8.0.15009.0 **Description** The issue is related to a privilege escalation vulnerability in ESET products, which can be exploited due to incorrect handling of insufficient permissions or privileges. This may allow an attacker to delete arbitrary files by exploiting the "Repair" and "Uninstall" features. **Recommendations** For ESET NOD32 Antivirus versions prior to 15.1.12.0, update to version 15.1.12.0 or later. For ESET Internet Security versions prior to 15.1.12.0, update to version 15.1.12.0 or later. For ESET Smart Security Premium versions prior to 15.1.12.0, update to version 15.1.12.0 or later. For ESET Endpoint Antivirus versions prior to 9.0.2046.0, update to version 9.0.2046.0 or later. For ESET Endpoint Security versions prior to 9.0.2046.0, update to version 9.0.2046.0 or later. For ESET Server Security for Microsoft Windows Server versions prior to 9.0.12012.0, update to version 9.0.12012.0 or later. For ESET File Security for Microsoft Windows Server version 8.0.12013.0, consider updating to a newer version, but no specific fixed version is provided. For ESET Mail Security for Microsoft Exchange Server versions prior to 8.0.10020.0, update to version 8.0.10020.0 or later. For ESET Mail Security for IBM Domino versions prior to 8.0.14011.0, update to version 8.0.14011.0 or later. For ESET Security for Microsoft SharePoint Server versions prior to 8.0.15009.0, update to version 8.0.15009.0 or later.