
CData Jetty Path Traversal (CVE-2024-31848/CVE-2024-31849/CVE-2024-31850/CVE-2024-31851)

Description

Multiple CData products running on the embedded Jetty server contain a path traversal vulnerability that allows attackers to bypass authentication mechanisms. By sending specially crafted HTTP requests with manipulated file paths, an unauthenticated remote attacker can access restricted resources, sensitive files, and administrative endpoints that should require authentication. This vulnerability affects multiple CData products and is tracked under CVE-2024-31848, CVE-2024-31849, CVE-2024-31850, and CVE-2024-31851.

Remediation

Immediately upgrade all affected CData products to the latest patched versions as specified in the vendor security advisory at https://www.cdata.com/kb/entries/jetty-cve-0324.rst. Follow these steps:
1. Identify all CData products in your environment running the embedded Jetty server
2. Review the vendor advisory to determine the minimum patched version for each product
3. Schedule maintenance windows to apply updates with minimal service disruption
4. Download and install the latest version from the official CData website
5. Verify the installation and confirm the version number post-upgrade
6. Review access logs for suspicious activity or unauthorized access attempts that occurred before the patch was applied
7. If immediate patching is not possible, implement network-level controls to restrict access to CData services to trusted IP addresses only until patches can be applied
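The log review in step 6 and the allow-list question in step 7 can be scripted. The following is an added example, not code from Invicti or CData: it assumes the embedded Jetty server writes request logs in NCSA common log format (an assumption; adjust the regex if your deployment uses a different layout), scans each request path for dot-dot segments in raw, percent-encoded and double-encoded form, and reports which source addresses fall outside a trusted allow-list. The log lines are constructed for this illustration.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines in NCSA common log format.
# These are synthetic illustrations, not traffic from any real deployment.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Apr/2024:10:01:02 +0000] "GET /index.html HTTP/1.1" 200 512
192.0.2.11 - - [12/Apr/2024:10:01:05 +0000] "GET /static/../admin/ HTTP/1.1" 200 2048
192.0.2.12 - - [12/Apr/2024:10:01:09 +0000] "GET /static/%2e%2e/%2e%2e/admin/users HTTP/1.1" 200 1024
192.0.2.13 - - [12/Apr/2024:10:02:00 +0000] "GET /static/%252e%252e/config.xml HTTP/1.1" 200 4096
192.0.2.14 - - [12/Apr/2024:10:02:30 +0000] "POST /login HTTP/1.1" 302 0
198.51.100.7 - - [12/Apr/2024:10:03:00 +0000] "GET /static/app.js HTTP/1.1" 200 8192
"""

# Fields we need from an NCSA-style line: client IP, timestamp, method, path, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<path>\S+) \S+" (?P<status>\d{3})'
)

# A ".." path segment bounded by slashes (or the path ends).
TRAVERSAL_RE = re.compile(r'(^|/)\.\.(/|$)')


def decode_path(raw, rounds=3):
    """Percent-decode repeatedly (bounded) so double-encoded '..' becomes visible."""
    path = raw
    for _ in range(rounds):
        decoded = unquote(path)
        if decoded == path:
            break
        path = decoded
    return path


def is_traversal(raw_path):
    """True if the request path holds a dot-dot segment before or after decoding."""
    candidate = raw_path.split('?', 1)[0]  # ignore the query string
    if TRAVERSAL_RE.search(candidate):
        return True
    return bool(TRAVERSAL_RE.search(decode_path(candidate)))


def find_suspicious(log_text):
    """Return (ip, decoded_path, status) for every request carrying a traversal
    sequence. Hits with a 2xx status deserve priority: the server served them."""
    hits = []
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that do not parse rather than guessing
        path = m.group('path')
        if is_traversal(path):
            hits.append((m.group('ip'), decode_path(path), int(m.group('status'))))
    return hits


def untrusted_sources(log_text, trusted_ips):
    """Sorted list of client IPs not on the allow-list, i.e. what a network-level
    restriction to trusted addresses (step 7) would have blocked."""
    seen = set()
    for line in log_text.splitlines():
        m = LOG_RE.match(line)
        if m and m.group('ip') not in trusted_ips:
            seen.add(m.group('ip'))
    return sorted(seen)


if __name__ == '__main__':
    for ip, path, status in find_suspicious(SAMPLE_LOG):
        print(f'traversal from {ip}: {path} -> {status}')
    print('outside allow-list:', untrusted_sources(SAMPLE_LOG, {'198.51.100.7'}))
```

Run it against the real request log instead of SAMPLE_LOG and treat any 2xx hit as a potential pre-patch access to a restricted resource; the allow-list output shows how much traffic a temporary IP restriction would turn away.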
