Jokubas Arsoba

#43539 of 53,633
6.1 Total CVSS
Vulnerabilities · 1
PT-2021-19549
6.1
2021-12-08
Unknown · Database Security · CVE-2021-31850
Name of the Vulnerable Software and Affected Versions: Database Security versions prior to 4.8.4

Description: A denial-of-service issue allows a remote authenticated administrator to trigger a denial-of-service attack against the Database Security server. The configuration of Archiving through the User interface incorrectly allowed the creation of directories and files in Windows system directories and other locations where sensitive data could be overwritten, potentially leading to data destruction on the server.

Recommendations: For versions prior to 4.8.4, update to version 4.8.4 or later to resolve the issue. As a temporary workaround, consider restricting access to the Archiving feature through the User interface to minimize the risk of exploitation. Additionally, restrict the creation of directories and files in sensitive locations to prevent potential data destruction.