Sensitive Information Exposure in Datalust Seq (before 2023.2.9489) via External Metadata Storage

Sensitive Information Exposure in Datalust Seq (before 2023.2.9489) via External Metadata Storage

CVE-2023-38195 · MEDIUM Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Datalust Seq before 2023.2.9489 allows insertion of sensitive information into an externally accessible file or directory. This is exploitable only when external (SQL Server or PostgreSQL) metadata storage is used. Exploitation can only occur from a high-privileged user account.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.