{"dataType": "CVE_RECORD", "dataVersion": "5.1", "cveMetadata": {"cveId": "CVE-2025-53006", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "state": "PUBLISHED", "assignerShortName": "GitHub_M", "dateReserved": "2025-06-24T03:50:36.795Z", "datePublished": "2025-07-02T14:22:31.107Z", "dateUpdated": "2025-07-02T14:37:30.510Z"}, "containers": {"cna": {"title": "Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability", "problemTypes": [{"descriptions": [{"cweId": "CWE-153", "lang": "en", "description": "CWE-153: Improper Neutralization of Substitution Characters", "type": "CWE"}]}], "metrics": [{"cvssV4_0": {"attackVector": "NETWORK", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "userInteraction": "NONE", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "subAvailabilityImpact": "NONE", "baseScore": 8.9, "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "version": "4.0"}}], "references": [{"name": "https://github.com/dataease/dataease/security/advisories/GHSA-q726-5pr9-x7gm", "tags": ["x_refsource_CONFIRM"], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-q726-5pr9-x7gm"}], "affected": [{"vendor": "dataease", "product": "dataease", "versions": [{"version": "< 2.10.11", "status": "affected"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-02T14:22:31.107Z"}, "descriptions": [{"lang": "en", "value": "DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like \"socketfactory\" and \"socketfactoryarg\", there are also \"sslfactory\" and \"sslfactoryarg\" with similar functionality. The difference lies in that \"sslfactory\" and related parameters need to be triggered after establishing the connection. Other similar parameters include \"sslhostnameverifier\", \"sslpasswordcallback\", and \"authenticationPluginClassName\". This issue has been patched in 2.10.11."}], "source": {"advisory": "GHSA-q726-5pr9-x7gm", "discovery": "UNKNOWN"}}, "adp": [{"metrics": [{"other": {"type": "ssvc", "content": {"timestamp": "2025-07-02T14:36:35.823694Z", "id": "CVE-2025-53006", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "role": "CISA Coordinator", "version": "2.0.3"}}}], "title": "CISA ADP Vulnrichment", "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-02T14:37:30.510Z"}}]}}

{"dataType": "CVE_RECORD", "containers": {"adp": [{"title": "CISA ADP Vulnrichment", "metrics": [{"other": {"type": "ssvc", "content": {"id": "CVE-2025-53006", "role": "CISA Coordinator", "options": [{"Exploitation": "poc"}, {"Automatable": "yes"}, {"Technical Impact": "total"}], "version": "2.0.3", "timestamp": "2025-07-02T14:36:35.823694Z"}}}], "providerMetadata": {"orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0", "shortName": "CISA-ADP", "dateUpdated": "2025-07-02T14:36:39.482Z"}}], "cna": {"title": "Dataease PostgreSQL & Redshift Data Source JDBC Connection Parameters Bypass Vulnerability", "source": {"advisory": "GHSA-q726-5pr9-x7gm", "discovery": "UNKNOWN"}, "metrics": [{"cvssV4_0": {"version": "4.0", "baseScore": 8.9, "attackVector": "NETWORK", "baseSeverity": "HIGH", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P", "userInteraction": "NONE", "attackComplexity": "LOW", "attackRequirements": "NONE", "privilegesRequired": "NONE", "subIntegrityImpact": "NONE", "vulnIntegrityImpact": "HIGH", "subAvailabilityImpact": "NONE", "vulnAvailabilityImpact": "HIGH", "subConfidentialityImpact": "NONE", "vulnConfidentialityImpact": "HIGH"}}], "affected": [{"vendor": "dataease", "product": "dataease", "versions": [{"status": "affected", "version": "< 2.10.11"}]}], "references": [{"url": "https://github.com/dataease/dataease/security/advisories/GHSA-q726-5pr9-x7gm", "name": "https://github.com/dataease/dataease/security/advisories/GHSA-q726-5pr9-x7gm", "tags": ["x_refsource_CONFIRM"]}], "descriptions": [{"lang": "en", "value": "DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like \"socketfactory\" and \"socketfactoryarg\", there are also \"sslfactory\" and \"sslfactoryarg\" with similar functionality. The difference lies in that \"sslfactory\" and related parameters need to be triggered after establishing the connection. Other similar parameters include \"sslhostnameverifier\", \"sslpasswordcallback\", and \"authenticationPluginClassName\". This issue has been patched in 2.10.11."}], "problemTypes": [{"descriptions": [{"lang": "en", "type": "CWE", "cweId": "CWE-153", "description": "CWE-153: Improper Neutralization of Substitution Characters"}]}], "providerMetadata": {"orgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "shortName": "GitHub_M", "dateUpdated": "2025-07-02T14:22:31.107Z"}}}, "cveMetadata": {"cveId": "CVE-2025-53006", "state": "PUBLISHED", "dateUpdated": "2025-07-02T14:37:30.510Z", "dateReserved": "2025-06-24T03:50:36.795Z", "assignerOrgId": "a0819718-46f1-4df5-94e2-005712e83aaa", "datePublished": "2025-07-02T14:22:31.107Z", "assignerShortName": "GitHub_M"}, "dataVersion": "5.1"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:dataease:dataease:*:*:*:*:*:*:*:*", "matchCriteriaId": "94D6FC7B-9044-4D93-8D06-1564C91EC5A9", "versionEndExcluding": "2.10.11", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, in both PostgreSQL and Redshift, apart from parameters like \"socketfactory\" and \"socketfactoryarg\", there are also \"sslfactory\" and \"sslfactoryarg\" with similar functionality. The difference lies in that \"sslfactory\" and related parameters need to be triggered after establishing the connection. Other similar parameters include \"sslhostnameverifier\", \"sslpasswordcallback\", and \"authenticationPluginClassName\". This issue has been patched in 2.10.11."}, {"lang": "es", "value": "DataEase es una herramienta de c\u00f3digo abierto para inteligencia empresarial y visualizaci\u00f3n de datos. Antes de la versi\u00f3n 2.10.11, tanto en PostgreSQL como en Redshift, adem\u00e1s de par\u00e1metros como \"socketfactory\" y \"socketfactoryarg\", tambi\u00e9n exist\u00edan \"sslfactory\" y \"sslfactoryarg\" con funcionalidades similares. La diferencia radica en que \"sslfactory\" y sus par\u00e1metros relacionados deben activarse tras establecer la conexi\u00f3n. Otros par\u00e1metros similares incluyen \"sslhostnameverifier\", \"sslpasswordcallback\" y \"authenticationPluginClassName\". Este problema se ha corregido en la versi\u00f3n 2.10.11."}], "id": "CVE-2025-53006", "lastModified": "2025-07-10T15:16:32.103", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 9.8, "baseSeverity": "CRITICAL", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "NONE", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 3.9, "impactScore": 5.9, "source": "[email protected]", "type": "Primary"}], "cvssMetricV40": [{"cvssData": {"Automatable": "NOT_DEFINED", "Recovery": "NOT_DEFINED", "Safety": "NOT_DEFINED", "attackComplexity": "LOW", "attackRequirements": "NONE", "attackVector": "NETWORK", "availabilityRequirement": "NOT_DEFINED", "baseScore": 8.9, "baseSeverity": "HIGH", "confidentialityRequirement": "NOT_DEFINED", "exploitMaturity": "PROOF_OF_CONCEPT", "integrityRequirement": "NOT_DEFINED", "modifiedAttackComplexity": "NOT_DEFINED", "modifiedAttackRequirements": "NOT_DEFINED", "modifiedAttackVector": "NOT_DEFINED", "modifiedPrivilegesRequired": "NOT_DEFINED", "modifiedSubAvailabilityImpact": "NOT_DEFINED", "modifiedSubConfidentialityImpact": "NOT_DEFINED", "modifiedSubIntegrityImpact": "NOT_DEFINED", "modifiedUserInteraction": "NOT_DEFINED", "modifiedVulnAvailabilityImpact": "NOT_DEFINED", "modifiedVulnConfidentialityImpact": "NOT_DEFINED", "modifiedVulnIntegrityImpact": "NOT_DEFINED", "privilegesRequired": "NONE", "providerUrgency": "NOT_DEFINED", "subAvailabilityImpact": "NONE", "subConfidentialityImpact": "NONE", "subIntegrityImpact": "NONE", "userInteraction": "NONE", "valueDensity": "NOT_DEFINED", "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:P/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X", "version": "4.0", "vulnAvailabilityImpact": "HIGH", "vulnConfidentialityImpact": "HIGH", "vulnIntegrityImpact": "HIGH", "vulnerabilityResponseEffort": "NOT_DEFINED"}, "source": "[email protected]", "type": "Secondary"}]}, "published": "2025-07-02T15:15:27.343", "references": [{"source": "[email protected]", "tags": ["Exploit", "Vendor Advisory"], "url": "https://github.com/dataease/dataease/security/advisories/GHSA-q726-5pr9-x7gm"}], "sourceIdentifier": "[email protected]", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-153"}], "source": "[email protected]", "type": "Primary"}]}

{}