Pho3N1X

**Name of the Vulnerable Software and Affected Versions** Apache Kylin versions 4.0.0 through 5.0.1 **Description** The issue is related to improper control of generation of code, also known as 'Code Injection'. If an attacker gains access to Kylin's system or project admin permission, they may alter the JDBC connection configuration to execute arbitrary code from a remote location. However, if Kylin's system and project admin access is well protected, the risk is mitigated. **Recommendations** For Apache Kylin versions 4.0.0 through 5.0.1, upgrade to version 5.0.2 or above to fix the issue.

Name of the Vulnerable Software and Affected Versions: Apache Linkis version 1.4.0 Description: The issue is related to the lack of effective filtering of parameters in the DataSource Manager Module of Apache Linkis, allowing an attacker to configure malicious Mysql JDBC parameters and trigger arbitrary file reading. This attack requires the attacker to obtain an authorized account from Linkis before it can be carried out. The parameters in the Mysql JDBC URL should be blacklisted to prevent exploitation. Recommendations: For Apache Linkis version 1.4.0, we recommend upgrading to version 1.5.0 to resolve the issue. As a temporary workaround, consider blacklisting the parameters in the Mysql JDBC URL to minimize the risk of exploitation. Restrict access to the DataSource Manager Module to authorized accounts only.

Name of the Vulnerable Software and Affected Versions: Apache Linkis versions <= 1.5.0 Description: The issue is related to a deserialization vulnerability in the MySQL Data Source Handler component of Apache Linkis, which can be exploited for remote code execution. This can be achieved by injecting malicious files into the server through jrmp. The attack requires the attacker to have an authorized account from Linkis. Recommendations: For Apache Linkis versions <= 1.5.0, upgrade the Java version to >= 1.8.0 241. For Apache Linkis versions <= 1.5.0, upgrade Linkis to version 1.6.0.

**Name of the Vulnerable Software and Affected Versions** jeecg-boot version 3.5.3 **Description** The issue allows remote attackers to escalate privileges and obtain sensitive information via the jmreport/qurestSql component. This is a SQL injection vulnerability, which means attackers can inject malicious SQL code to manipulate the database. The estimated number of potentially affected devices worldwide is not specified. There is no information about real-world incidents where this issue was exploited. **Recommendations** For jeecg-boot version 3.5.3, consider disabling the jmreport/qurestSql component until a patch is available to prevent exploitation. Restrict access to sensitive information and privileges to minimize the risk of escalation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jeecg-boot version 3.5.3 **Description** The issue allows remote attackers to escalate privileges and obtain sensitive information via the component /sys/replicate/check. This is a SQL injection vulnerability, which means that an attacker can inject malicious SQL code to manipulate the database and extract or modify sensitive data. **Recommendations** For jeecg-boot version 3.5.3, consider disabling access to the /sys/replicate/check component until a patch is available. Additionally, restrict privileges to minimize the risk of exploitation. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

**Name of the Vulnerable Software and Affected Versions** jeecg-boot version 3.5.3 **Description** The issue is an SSTI injection vulnerability that allows remote attackers to execute arbitrary code via a crafted HTTP request to the "/jmreport/loadTableData" component. This enables attackers to potentially gain control over the system. **Recommendations** For jeecg-boot version 3.5.3, consider disabling access to the "/jmreport/loadTableData" component until a patch is available to prevent exploitation. Restricting access to this component can help minimize the risk of arbitrary code execution. At the moment, there is no information about a newer version that contains a fix for this vulnerability.