Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2025-53004

DataEase is an open source business intelligence and data visualization tool. Prior to version 2.10.11, there is a bypass vulnerability in Dataease's Redshift Data Source JDBC Connection Parameters. The sslfactory and sslfactoryarg parameters could trigger a bypass vulnerability. This issue has been patched in version 2.10.11.

Published

2025-06-30T21:15:31.563

Last Modified

2025-07-10T13:42:12.150

Status

Analyzed

Source

[email protected]

Severity

CVSSv3.1: 9.8 (CRITICAL)

Weaknesses
  • Type: Secondary
    CWE-153
Affected Vendors & Products
Type Vendor Product Version/Range Vulnerable?
Application dataease dataease < 2.10.11 Yes
References