CVE-2025-58748

HIGH EPSS 50.6%
Published Sep 15, 20259mo ago · Modified Jun 17, 20261w ago
8.7 CVSS 4.0
High
Find Similar
Published Sep 15, 2025 9mo ago
Last Modified Jun 17, 2026 1w ago

Description

Dataease is an open source data analytics and visualization platform. In Dataease versions up to 2.10.12 the H2 data source implementation (H2.java) does not verify that a provided JDBC URL starts with jdbc:h2. This lack of validation allows a crafted JDBC configuration that substitutes the Amazon Redshift driver and leverages the socketFactory and socketFactoryArg parameters to invoke org.springframework.context.support.FileSystemXmlApplicationContext or ClassPathXmlApplicationContext with an attacker‑controlled remote XML resource, resulting in remote code execution. Versions up to and including 2.10.12 are affected. The issue is fixed in version 2.10.13. Updating to version 2.10.13 or later is the recommended remediation. No known workarounds exist.

CVSS Details

Base Score
8.7
Exploitability
Impact
Vector string
CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
Attack Vector Network
Attack Complexity Low
Privileges Required Low
User Interaction None
Scope X

Threat Intelligence

EPSS Exploit Probability
50.6% percentile
Exploit & Patch Status
Public Exploit Known
Patch Available

Weaknesses 1

CWE-502 Deserialization of Untrusted Data Validation

Affected Products 1

VendorProductVersionRange
dataeasedataease* <2.10.13

References 2

  • github.com https://github.com/dataease/dataease/commit/23a45e72a7abc37d5680b0a7cf691b8df378d4ef
    Patch
  • github.com https://github.com/dataease/dataease/security/advisories/GHSA-23qw-9qrh-9rr8
    ExploitVendor Advisory

Remediation

  • github.com https://github.com/dataease/dataease/commit/23a45e72a7abc37d5680b0a7cf691b8df378d4ef
    Patch