Description
Ververica Platform 2.14.0 allows low-privileged users to access SQL connectors via a direct namespaces/default/formats request.
References (3)
Core 3
Core References
Exploit, Issue Tracking
https://github.com/gozan10/cve/issues/18
Product
https://www.ververica.com
Scores
CVSS v3
5.0
EPSS
0.0031
EPSS Percentile
22.1%
Attack Vector
NETWORK
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:L/A:N
CISA SSVC
Vulnrichment
Exploitation
poc
Automatable
no
Technical Impact
partial
Details
CWE
CWE-425
Status
published
Products (1)
ververica/ververica_platform
2.14.0
Published
Apr 27, 2025
Tracked Since
Feb 18, 2026