CVE-2023-38702

Name of the Vulnerable Software and Affected Versions Knowage versions 6.x.x through 8.1.7

Description Knowage is an open source analytics and business intelligence suite. The endpoint "/knowage/restful-services/dossier/importTemplateFile" allows authenticated users to upload a template file on the server without needing authorization. An attacker can upload a JSP file and then connect to "/knowageqbeengine/foo.jsp" to gain code execution on the server. This issue can be exploited by an attacker with low privileges to upload a JSP file to the knowageqbeengine directory and gain code execution capability on the server.

Recommendations For Knowage versions 6.x.x through 8.1.7, update to version 8.1.8 to resolve the issue. As a temporary workaround, consider restricting access to the "/knowage/restful-services/dossier/importTemplateFile" endpoint and the knowageqbeengine directory to minimize the risk of exploitation. Avoid using the endpoint "/knowageqbeengine/foo.jsp" until the issue is resolved.