Vulnerabilities > Jedox

DATE	CVE	VULNERABILITY TITLE	RISK
2023-05-12	CVE-2022-47879	Unspecified vulnerability in Jedox and Jedox Cloud A Remote Code Execution (RCE) vulnerability in /be/rpc.php in Jedox 2020.2.5 allows remote authenticated users to load arbitrary PHP classes from the 'rtn' directory and execute its methods. network high complexity jedox	7.5
2023-05-12	CVE-2022-47880	Insufficiently Protected Credentials vulnerability in Jedox and Jedox Cloud An Information disclosure vulnerability in /be/rpc.php in Jedox GmbH Jedox 2020.2.5 allow remote, authenticated users with permissions to modify database connections to disclose a connections' cleartext password via the 'test connection' function. network high complexity jedox CWE-522	5.3
2023-05-02	CVE-2022-47874	Unspecified vulnerability in Jedox Cloud and Jedox Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'. network low complexity jedox	6.5
2023-05-02	CVE-2022-47875	Path Traversal vulnerability in Jedox Cloud and Jedox A Directory Traversal vulnerability in /be/erpc.php in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to execute arbitrary code. network low complexity jedox CWE-22	8.8
2023-05-02	CVE-2022-47876	Unspecified vulnerability in Jedox 2020.2.5 The integrator in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to create Jobs to execute arbitrary code via Groovy-scripts. network low complexity jedox	8.8
2023-05-02	CVE-2022-47877	Cross-site Scripting vulnerability in Jedox 2020.2.5 A Stored cross-site scripting vulnerability in Jedox 2020.2.5 allows remote, authenticated users to inject arbitrary web script or HTML in the Logs page via the log module 'log'. network low complexity jedox CWE-79	5.4
2023-05-02	CVE-2022-47878	Unrestricted Upload of File with Dangerous Type vulnerability in Jedox 2020.2.5 Incorrect input validation for the default-storage-path in the settings page in Jedox 2020.2.5 allows remote, authenticated users to specify the location as Webroot directory. network low complexity jedox CWE-434	8.8

Vulnerabilities > Jedox {"@context":"https://schema.org","@type":"BreadcrumbList","itemListElement":[{"@type":"ListItem","position":1,"name":"Vulnerabilities","item":"https://cyber.vumetric.com/vulns/"},{"@type":"ListItem","position":2,"name":"Jedox"}]}

Vulnerabilities > Jedox