Cyber Resilience

CVE-2022-47874

Medium · Public PoC

Published: 02 May 2023

Modified: 30 January 2025
KEV Added: not listed
Patch: (no entry)
CVSS v3.1 score: 6.5 (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N)
EPSS score: 0.1410 (94.5th percentile)
Risk priority: 21 (weighted 60% EPSS, 20% KEV, 20% CVSS)

Summary

CVE-2022-47874 is a medium-severity Incorrect Authorization (CWE-863) vulnerability in Jedox Cloud. Its CVSS base score is 6.5 (Medium).

Operationally, its EPSS score places it in the top 5.5% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog, and a public proof-of-concept is referenced.

Deeper analysis

CVE-2022-47874 is an improper access control flaw (CWE-863) affecting the /tc/rpc endpoint in Jedox GmbH Jedox version 2020.2.5. Remote authenticated users can invoke the class com.jedox.etl.mngr.Connections and its getGlobalConnection method to retrieve details of configured database connections. The issue carries a CVSS 3.1 score of 6.5, reflecting a network attack vector, low attack complexity and low privileges required, with high impact to confidentiality and no impact to integrity or availability.

An attacker who already possesses valid low-privileged credentials can call the endpoint to obtain database connection information, including credentials, because no further authorization check is applied. That exposure enables follow-on attacks against the underlying databases or lateral movement within the environment.

Public references include a detailed vulnerability disclosure report and proof-of-concept material on Packet Storm that describe the affected RPC call. The EPSS score rose from a low baseline to a peak of 0.3501 before receding to the current value of 0.1410, indicating measurable post-disclosure exploitation interest.
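As an added illustration (not code from this page, from Jedox, or from the disclosure report), the model below reproduces the CWE-863 shape described above: an RPC endpoint that resolves a class and method name from the request and checks only that the caller is logged in, beside a hardened dispatcher that enforces a per-method role policy and redacts credentials before replying. Only the class and method names come from the advisory; the request shape, registry, roles and connection record are assumptions.

```python
from collections import namedtuple

# Constructed sample: one global connection record as an ETL manager might store it.
GLOBAL_CONNECTIONS = {"warehouse": {"host": "db.internal.example", "user": "etl", "password": "placeholder-secret"}}

class Connections:
    """Stand-in for com.jedox.etl.mngr.Connections; the method body is assumed."""
    def getGlobalConnection(self, name):
        return dict(GLOBAL_CONNECTIONS[name])

# The endpoint resolves the request's class string through a registry (assumed shape).
REGISTRY = {"com.jedox.etl.mngr.Connections": Connections}
Session = namedtuple("Session", "user roles")

class AuthorizationError(Exception):
    pass

def dispatch_vulnerable(session, cls, method, *args):
    """CWE-863 shape: a valid session is the only gate, so any registered class/method runs."""
    if session is None:
        raise AuthorizationError("login required")
    return getattr(REGISTRY[cls](), method)(*args)

# Hardened: each callable (class, method) pair lists the roles allowed to invoke it;
# unlisted pairs are denied, and secret fields are redacted before the reply leaves.
POLICY = {
    ("com.jedox.etl.mngr.Connections", "getGlobalConnection"): {"admin"},
}

def redact_secrets(value):
    if isinstance(value, dict):
        return {k: "***" if k.lower() in {"password", "secret"} else v for k, v in value.items()}
    return value

def dispatch_hardened(session, cls, method, *args):
    if session is None:
        raise AuthorizationError("login required")
    allowed = POLICY.get((cls, method))
    if allowed is None or not (set(session.roles) & allowed):
        raise AuthorizationError(f"{session.user} may not call {cls}.{method}")
    return redact_secrets(getattr(REGISTRY[cls](), method)(*args))

def is_denied(dispatcher, session, cls, method, *args):
    """True when the dispatcher refuses the call; lets the two versions be compared."""
    try:
        dispatcher(session, cls, method, *args)
    except AuthorizationError:
        return True
    return False
```

With a low-privileged session the vulnerable dispatcher hands back the full record, password included, while the hardened one denies the call and returns only a redacted record to an administrator.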

Vulnerability details

Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.

Related Threats

No named actor attribution yet. ATT&CK technique mapping in progress for this CVE.

Affected Assets

Vendor: jedox, product: cloud, version: all versions
Vendor: jedox, product: jedox, version: 2020.2.5

Mitigating Controls

Likely Mitigating Controls (AI-derived)

Per-CVE control mapping for this CVE has not run yet; the list below is derived from the weakness types (CWEs) cited in the NVD entry.

Each of the controls below addresses CWE-863:

- Periodic review and update of procedures reduces incorrect authorization implementations over time.
- Supervision identifies cases where authorization logic incorrectly permits unauthorized actions.
- Defining permitted attribute values and auditing modifications reduces the chance of incorrect authorization outcomes due to tampered or missing labels.
- The authorization process and usage restrictions help prevent incorrect authorization for remote access types.
- Establishing configuration and connection requirements helps ensure correct rather than incorrect authorization for wireless access.
- Establishing connection authorization processes for mobile devices helps ensure authorization decisions are correctly implemented rather than incorrect.
- Monitoring account use, notifying on changes, and reviewing accounts for compliance corrects incorrect authorization assignments.
- Ensures authorization decisions for external system use are correctly implemented and enforced.
