Directory Traversal Vulnerability in Talend Data Catalog
CVE-2023-36301

7.5HIGH

Key Information:

Vendor: Talend
Status: Data Catalog
Vendor: CVE Published:; 26 June 2023

What is CVE-2023-36301?

A directory traversal vulnerability exists in Talend Data Catalog that affects versions prior to 8.0-20230221, specifically within the HeaderImageServlet component. This flaw could allow attackers to access restricted files on the server, potentially exposing sensitive data or impacting the integrity of the application. It is crucial for users to update their installations to mitigate the risk associated with this vulnerability.

References

https://help.talend.com/r/en-US/Talend-Products-CVEs/Tale...

CVSS V3.1

Score:

7.5

Severity:

HIGH

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Network

Attack Complexity:

Low

Privileges Required:

None

User Interaction:

None

Scope:

Unchanged

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Jun 26, 2023
Vulnerability Reserved
Jun 21, 2023

CVE-2023-36301 Data

JSON