Description

DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name.

INFO

Published Date :

2025-02-16T00:00:00.000Z

Last Modified :

2025-03-21T13:48:38.429Z

Source :

mitre
AFFECTED PRODUCTS

The following products are affected by CVE-2024-57971 vulnerability.

No data.

REFERENCES

Here, you will find a curated list of external links that provide in-depth information to CVE-2024-57971.

URL Resource
https://github.com/KnowageLabs/Knowage-Server/commit/f7d0362f737e1b0db1cc9cc95b1236d62d83dd0c cve-icon cve-icon
https://github.com/KnowageLabs/Knowage-Server/compare/v8.1.29...v8.1.30 cve-icon cve-icon
https://github.com/darumaseye/CVEs/blob/ec2de9f7ecffde466e687745bfdfc672e86241d7/CVE-2024-57971.md cve-icon cve-icon
https://spagobi.readthedocs.io cve-icon cve-icon
Login to claim this CVE

CVSS Vulnerability Scoring System

Detailed values of each vector for above chart.
Attack Vector
Attack Complexity
Privileges Required
User Interaction
Scope
Confidentiality Impact
Integrity Impact
Availability Impact