PT-2020-15121 · Huawei · GaussDB 200
Published: 2020-02-17 · Updated: 2020-02-19
CVE-2020-1853
CVSS v3.1: 6.5 (Medium)
Vector: AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
Name of the Vulnerable Software and Affected Versions
GaussDB 200 version 6.5.1
Description
GaussDB 200 contains a path traversal vulnerability caused by insufficient validation of input paths. An authenticated attacker can exploit it to traverse directories and download files to a specific directory, potentially causing information leakage.
Recommendations
For GaussDB 200 version 6.5.1, consider restricting access to sensitive directories and files as a temporary mitigation measure until a patch is available. Additionally, ensure that input path validation is properly implemented to prevent directory traversal attacks.
Fix
Path traversal
Weakness Enumeration
Related Identifiers
Affected Products
GaussDB 200