Sqlbot
Monthly
Cross-workspace IDOR in SQLBot (DataEase) versions prior to 1.8.0 allows authenticated low-privilege users to read and modify database schemas and data sources belonging to other tenants via the /api/v1/datasource/exportDsSchema and /api/v1/datasource/uploadDsSchema endpoints: the endpoints act on the data source identifier supplied in the request without confirming that it belongs to the caller's workspace. The flaw breaks multi-tenant isolation in a Text-to-SQL platform that brokers access to backend databases, so a tenant can pivot to another tenant's data sources. No public exploit was identified at the time of analysis and the EPSS probability is very low (0.04%), but SSVC rates the technical impact as total.
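The following is an added illustration of the authorization bug class described above, not SQLBot's own code: a data source lookup that only checks the object exists, beside one that resolves the object inside the caller's workspace and fails closed. The User and DataSource types, the in-memory store, the two tenants and the function names are all assumptions made for the example.

```python
"""Added example (not SQLBot's code): why object lookups need a workspace scope.
The types, the in-memory store and the sample tenants below are assumptions."""
from dataclasses import dataclass, field


class Forbidden(Exception):
    """Raised when a caller touches an object outside its own workspace."""


@dataclass
class User:
    user_id: int
    workspace_id: int


@dataclass
class DataSource:
    ds_id: int
    workspace_id: int
    name: str
    schema: dict = field(default_factory=dict)


# Constructed sample data: two tenants (workspaces 100 and 200), one data source each.
DATASOURCES = {
    1: DataSource(1, workspace_id=100, name="tenant-a-orders",
                  schema={"orders": ["id", "customer_email", "total"]}),
    2: DataSource(2, workspace_id=200, name="tenant-b-payroll",
                  schema={"salaries": ["employee", "amount"]}),
}


def export_ds_schema_vulnerable(caller: User, ds_id: int) -> dict:
    """IDOR pattern: the id from the request is trusted; only existence is checked."""
    ds = DATASOURCES.get(ds_id)
    if ds is None:
        raise KeyError(ds_id)
    return ds.schema


def _load_owned(caller: User, ds_id: int) -> DataSource:
    """Resolve a data source *within the caller's workspace* or fail closed.
    'Missing' and 'not yours' return the same error so ids of other tenants do not leak."""
    ds = DATASOURCES.get(ds_id)
    if ds is None or ds.workspace_id != caller.workspace_id:
        raise Forbidden(f"datasource {ds_id} not available in workspace {caller.workspace_id}")
    return ds


def export_ds_schema_fixed(caller: User, ds_id: int) -> dict:
    return _load_owned(caller, ds_id).schema


def upload_ds_schema_fixed(caller: User, ds_id: int, new_schema: dict) -> None:
    """Writes need the same scope check as reads: an unscoped update lets one tenant
    overwrite another tenant's schema."""
    ds = _load_owned(caller, ds_id)
    ds.schema = dict(new_schema)


def demo() -> dict:
    """Tenant A's user targets tenant B's data source (id 2) through both code paths."""
    tenant_a_user = User(user_id=7, workspace_id=100)
    leaked = export_ds_schema_vulnerable(tenant_a_user, 2)   # succeeds: cross-tenant read
    try:
        export_ds_schema_fixed(tenant_a_user, 2)
        read_blocked = False
    except Forbidden:
        read_blocked = True
    try:
        upload_ds_schema_fixed(tenant_a_user, 2, {"salaries": []})
        write_blocked = False
    except Forbidden:
        write_blocked = True
    return {"leaked_tables": sorted(leaked),
            "fixed_read_blocked": read_blocked,
            "fixed_write_blocked": write_blocked}


if __name__ == "__main__":
    print(demo())
```

The scope check lives in one helper so every endpoint that touches a data source, read or write, goes through it; an IDOR fixed only on the export path leaves the upload path open.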
A Server-Side Request Forgery (SSRF) vulnerability in SQLBot, an intelligent data query system based on large language models and RAG, allows unauthenticated remote attackers to read arbitrary files from the server's filesystem. SQLBot versions prior to 1.7.0 are affected. The vulnerability is exploitable through the /api/v1/datasource/check endpoint: the attacker registers a MySQL data source that points at a server under their control, and when SQLBot verifies the connection the rogue server answers with a LOAD DATA LOCAL INFILE request, which makes SQLBot's MySQL client upload the named local file to the attacker. The CVSS score of 8.7, with a network attack vector and no privileges required, places the issue in the High severity band. Neither a KEV listing nor the EPSS data suggests that exploitation in the wild has been widely observed.
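Added example, not SQLBot's code nor any MySQL driver's: the wire-level packet a rogue MySQL server sends to pull a file off a connecting client, a parser that recognises it, and the client-side rule (honour a LOCAL INFILE request only when the client itself issued a LOAD DATA LOCAL statement) that defeats the attack even when the server is malicious. The framing follows the MySQL client/server protocol (3-byte little-endian length, 1-byte sequence id, payload; a LOCAL INFILE request is payload byte 0xFB followed by the filename). The function names, the probe statement `SELECT 1` and the packet bytes are constructed for the example; no network connection is made.

```python
"""Added example (not SQLBot's or any MySQL driver's code): what a rogue MySQL
server sends to pull a local file from a connecting client, and the client-side
rule that defeats it. Packet bytes are constructed inline; no network is used."""
import struct

LOCAL_INFILE_MARKER = 0xFB   # first payload byte of a LOCAL INFILE request
OK_MARKER = 0x00             # first payload byte of an OK packet


def mysql_packet(payload: bytes, seq: int) -> bytes:
    """Wire framing: 3-byte little-endian payload length, 1-byte sequence id, payload."""
    if len(payload) >= 0xFFFFFF:
        raise ValueError("payload needs multi-packet framing")
    return struct.pack("<I", len(payload))[:3] + bytes([seq & 0xFF]) + payload


def rogue_server_reply(wanted_path: str, seq: int = 1) -> bytes:
    """What a malicious server answers to *any* query once the client is connected:
    a LOCAL INFILE request naming a file on the client's disk."""
    return mysql_packet(bytes([LOCAL_INFILE_MARKER]) + wanted_path.encode(), seq)


def parse_packet(data: bytes):
    """Return (sequence_id, payload) for one packet, validating the length prefix."""
    if len(data) < 4:
        raise ValueError("short packet")
    length = struct.unpack("<I", data[:3] + b"\x00")[0]
    seq = data[3]
    payload = data[4:4 + length]
    if len(payload) != length:
        raise ValueError("truncated packet")
    return seq, payload


def local_infile_request(payload: bytes):
    """Return the requested filename if the payload is a LOCAL INFILE request, else None."""
    if payload and payload[0] == LOCAL_INFILE_MARKER:
        return payload[1:].decode(errors="replace")
    return None


def client_should_send_file(last_statement: str, server_payload: bytes) -> bool:
    """Hardened client rule: honour a LOCAL INFILE request only when the client itself
    issued a LOAD DATA LOCAL statement. A connection check that only ran SELECT 1 must
    refuse, whatever the server asks for. (Disabling local_infile in the driver is the
    blunter, equally valid fix.)"""
    if local_infile_request(server_payload) is None:
        return False
    return last_statement.lstrip().upper().startswith("LOAD DATA LOCAL")


def simulate_check_connection(server_bytes: bytes, statement: str = "SELECT 1") -> dict:
    """Model the data-source check: the client sends a probe statement and receives
    server_bytes in reply. Compare a client that allows LOCAL INFILE unconditionally
    with one that applies the statement rule."""
    _, payload = parse_packet(server_bytes)
    wanted = local_infile_request(payload)
    return {
        "server_asked_for": wanted,
        "naive_client_sends_file": wanted is not None,
        "hardened_client_sends_file": client_should_send_file(statement, payload),
    }


if __name__ == "__main__":
    print(simulate_check_connection(rogue_server_reply("/etc/passwd")))
```

The asymmetry to notice: the client never asked to load a file, yet in the naive case it ships one, because the protocol lets the server initiate the transfer. Anything that lets a low-trust user supply a database host (as a "check my data source" feature does) must therefore treat the remote server as hostile and disable or gate LOCAL INFILE on the client side.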
A vulnerability was found in Dataease SQLBot up to 1.5.1. It affects the function validateEmbedded in the file backend/apps/system/middleware/auth.py of the JWT Token Handler component. Manipulation results in improper verification of a cryptographic signature. The attack can be initiated remotely; it is considered to have high complexity and to be difficult to exploit. An exploit has been made public and could be used. A comment in the source code warns use...
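The entry above names the weakness class (improper verification of a cryptographic signature in a JWT handler) but not the specific defect, so the following is an added, generic illustration of that class rather than SQLBot's validateEmbedded code. It contrasts decoding a token (trusting its claims) with verifying it (pinning the algorithm, recomputing the HMAC over the bytes received, constant-time comparison, expiry check), and shows the two attacker moves a decode-only path accepts: a swapped claim body and an alg=none token. HS256 via the standard library only; the key, claims and helper names are constructed for the example.

```python
"""Added example (not SQLBot's validateEmbedded): decoding a JWT versus verifying it.
HS256 with the standard library only; key and tokens below are constructed."""
import base64
import hashlib
import hmac
import json
import time
from typing import Optional


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _json_b64(obj: dict) -> str:
    return _b64url_encode(json.dumps(obj, separators=(",", ":")).encode())


def sign_hs256(claims: dict, key: bytes) -> str:
    header_b64 = _json_b64({"alg": "HS256", "typ": "JWT"})
    body_b64 = _json_b64(claims)
    sig = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    return f"{header_b64}.{body_b64}.{_b64url_encode(sig)}"


def decode_unverified(token: str) -> dict:
    """Improper verification: trusts whatever claims the token body carries."""
    _, body_b64, _ = token.split(".")
    return json.loads(_b64url_decode(body_b64))


def verify_hs256(token: str, key: bytes, now: Optional[float] = None) -> dict:
    """Proper verification. Raises ValueError on any failure, before claims are used."""
    parts = token.split(".")
    if len(parts) != 3:
        raise ValueError("malformed token")
    header_b64, body_b64, sig_b64 = parts
    header = json.loads(_b64url_decode(header_b64))
    if header.get("alg") != "HS256":          # pin the algorithm: rejects none / confusion
        raise ValueError("unexpected alg")
    expected = hmac.new(key, f"{header_b64}.{body_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):   # constant-time
        raise ValueError("bad signature")
    claims = json.loads(_b64url_decode(body_b64))
    current = now if now is not None else time.time()
    if "exp" in claims and claims["exp"] <= current:
        raise ValueError("expired")
    return claims


def forge_claims(token: str, new_claims: dict) -> str:
    """Attacker step 1: keep header and signature, swap the body."""
    header_b64, _, sig_b64 = token.split(".")
    return f"{header_b64}.{_json_b64(new_claims)}.{sig_b64}"


def strip_alg(token: str) -> str:
    """Attacker step 2: alg=none variant with an empty signature."""
    _, body_b64, _ = token.split(".")
    return f"{_json_b64({'alg': 'none', 'typ': 'JWT'})}.{body_b64}."


def demo(key: bytes = b"constructed-demo-key") -> dict:
    """Run a legitimate token and both forgeries through each verifier."""
    good = sign_hs256({"sub": "alice", "role": "viewer", "exp": 2_000_000_000}, key)
    forged = forge_claims(good, {"sub": "alice", "role": "admin", "exp": 2_000_000_000})
    none_tok = strip_alg(forged)
    out = {"unverified_role": decode_unverified(forged)["role"],
           "verified_good_role": verify_hs256(good, key, now=1_700_000_000)["role"]}
    for name, tok in (("forged", forged), ("alg_none", none_tok)):
        try:
            verify_hs256(tok, key, now=1_700_000_000)
            out[name] = "accepted"
        except ValueError as err:
            out[name] = str(err)
    return out


if __name__ == "__main__":
    print(demo())
```

The ordering inside verify_hs256 is the point: algorithm, then signature, then claims. Reading the body first (for example to pick a tenant or an embedded-session flag and branch on it) is exactly how a "decode" path quietly becomes the trust decision.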
A vulnerability has been found in Dataease SQLBot up to 1.4.0. It affects an unknown function in the file backend/apps/system/api/assistant.py of the API Endpoint component. [CVSS 6.3 MEDIUM]
SQLBot is an intelligent data query system based on a large language model and RAG. [CVSS 6.1 MEDIUM]