Arbitrary File Read Vulnerability in Davinci 0.3.0-rc

Arbitrary File Read Vulnerability in Davinci 0.3.0-rc

CVE-2023-31847 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N

In davinci 0.3.0-rc after logging in, the user can connect to the mysql malicious server by controlling the data source to read arbitrary files on the client side.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.