fkie_nvd - fkie_cve-2025-10702

FKIE_CVE-2025-10702

Vulnerability from fkie_nvd - Published: 2025-11-19 16:15 - Updated: 2025-11-19 19:14

Severity ?

8.6 (High) - CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H

Summary

Improper Control of Generation of Code ('Code Injection') vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion. The SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker. If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. This issue affects: DataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541 DataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833 DataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628 DataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279 DataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344 DataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063 DataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964 DataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525 DataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410 DataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727 DataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851 DataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198 DataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957 DataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587 DataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669 DataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364 DataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776 DataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458 DataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316 DataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309 DataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856 DataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189 DataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125 DataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired DataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858 DataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162 DataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856 DataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430 DataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023 DataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339 DataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430 DataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183 DataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022

References

	URL	Tags
	security@progress.com	https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025

Impacted products

	Vendor	Product	Version

JSON

To clipboard

{
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker.  If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u00a0\n\n\nThis issue affects:\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
    }
  ],
  "id": "CVE-2025-10702",
  "lastModified": "2025-11-19T19:14:59.327",
  "metrics": {
    "cvssMetricV40": [
      {
        "cvssData": {
          "Automatable": "NOT_DEFINED",
          "Recovery": "NOT_DEFINED",
          "Safety": "NOT_DEFINED",
          "attackComplexity": "LOW",
          "attackRequirements": "NONE",
          "attackVector": "NETWORK",
          "availabilityRequirement": "NOT_DEFINED",
          "baseScore": 8.6,
          "baseSeverity": "HIGH",
          "confidentialityRequirement": "NOT_DEFINED",
          "exploitMaturity": "NOT_DEFINED",
          "integrityRequirement": "NOT_DEFINED",
          "modifiedAttackComplexity": "NOT_DEFINED",
          "modifiedAttackRequirements": "NOT_DEFINED",
          "modifiedAttackVector": "NOT_DEFINED",
          "modifiedPrivilegesRequired": "NOT_DEFINED",
          "modifiedSubAvailabilityImpact": "NOT_DEFINED",
          "modifiedSubConfidentialityImpact": "NOT_DEFINED",
          "modifiedSubIntegrityImpact": "NOT_DEFINED",
          "modifiedUserInteraction": "NOT_DEFINED",
          "modifiedVulnAvailabilityImpact": "NOT_DEFINED",
          "modifiedVulnConfidentialityImpact": "NOT_DEFINED",
          "modifiedVulnIntegrityImpact": "NOT_DEFINED",
          "privilegesRequired": "LOW",
          "providerUrgency": "NOT_DEFINED",
          "subAvailabilityImpact": "HIGH",
          "subConfidentialityImpact": "HIGH",
          "subIntegrityImpact": "HIGH",
          "userInteraction": "NONE",
          "valueDensity": "NOT_DEFINED",
          "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X",
          "version": "4.0",
          "vulnAvailabilityImpact": "HIGH",
          "vulnConfidentialityImpact": "LOW",
          "vulnIntegrityImpact": "HIGH",
          "vulnerabilityResponseEffort": "NOT_DEFINED"
        },
        "source": "security@progress.com",
        "type": "Secondary"
      }
    ]
  },
  "published": "2025-11-19T16:15:46.187",
  "references": [
    {
      "source": "security@progress.com",
      "url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
    }
  ],
  "sourceIdentifier": "security@progress.com",
  "vulnStatus": "Awaiting Analysis",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-94"
        }
      ],
      "source": "security@progress.com",
      "type": "Primary"
    }
  ]
}

CVE-2025-10702 (GCVE-0-2025-10702)

Vulnerability from cvelistv5 – Published: 2025-11-19 15:46 – Updated: 2025-11-20 04:55

Summary

Severity ?

8.6 (High)


                        
                          CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H

CWE

CWE-94 - Improper Control of Generation of Code ('Code Injection')

Assigner

ProgressSoftware

References

URL

Tags

https://community.progress.com/s/article/Progress…

Impacted products

Vendor

Product

Version

Progress

DataDirect Connect for JDBC for Amazon Redshift

Affected: 0 , ≤ 6.0.0.001392 (custom)
Unaffected: 6.0.0.001541 (custom)

Progress	DataDirect Connect for JDBC for Apache Cassandra	Affected: 0 , ≤ 6.0.0.000805 (custom) Unaffected: 6.0.0.000833 (custom)
Progress	DataDirect Connect for JDBC for Hive	Affected: 0 , ≤ 6.0.1.001499 (custom) Unaffected: 6.0.1.001628 (custom)
Progress	DataDirect Connect for JDBC for Apache Impala	Affected: 0 , ≤ 6.0.0.001155 (custom) Unaffected: 6.0.0.1279 (custom)
Progress	DataDirect Connect for JDBC for Apache SparkSQL	Affected: 0 , ≤ 6.0.1.001222 (custom) Unaffected: 6.0.1.001344 (custom)
Progress	DataDirect Connect for JDBC Autonomous REST Connector	Affected: 0 , ≤ 6.0.1.006961 (custom) Unaffected: 6.0.1.007063 (custom)
Progress	DataDirect Connect for JDBC for DB2	Affected: 0 , ≤ 6.0.0.000717 (custom) Unaffected: 6.0.0.000964 (custom)
Progress	DataDirect Connect for JDBC for Google Analytics 4	Affected: 0 , ≤ 6.0.0.000454 (custom) Unaffected: 6.0.0.000525
Progress	DataDirect Connect for JDBC for Google BigQuery	Affected: 0 , ≤ 6.0.0.002279 (custom) Unaffected: 6.0.0.002410 (custom)
Progress	DataDirect Connect for JDBC for Greenplum	Affected: 0 , ≤ 6.0.0.001712 (custom) Unaffected: 6.0.0.001727 (custom)
Progress	DataDirect Connect for JDBC for Informix	Affected: 0 , ≤ 6.0.0.000690 (custom) Unaffected: 6.0.0.000851 (custom)
Progress	DataDirect Connect for JDBC for Microsoft Dynamics 365	Affected: 0 , ≤ 6.0.0.003161 (custom) Unaffected: 6.0.0.003198 (custom)
Progress	DataDirect Connect for JDBC for Microsoft SQLServer	Affected: 0 , ≤ 6.0.0.001936 (custom) Unaffected: 6.0.0.001957 (custom)
Progress	DataDirect Connect for JDBC for Microsoft Sharepoint	Affected: 0 , ≤ 6.0.0.001559 (custom) Unaffected: 6.0.0.001587 (custom)
Progress	DataDirect Connect for JDBC for MongoDB	Affected: 0 , ≤ 6.1.0.001654 (custom) Unaffected: 6.1.0.001669 (custom)
Progress	DataDirect Connect for JDBC for MySQL	Affected: 0 , ≤ 5.1.4.000330 (custom) Unaffected: 5.1.4.000364 (custom)
Progress	DataDirect Connect for JDBC for Oracle Database	Affected: 0 , ≤ 6.0.0.001747 (custom) Unaffected: 6.0.0.001776 (custom)
Progress	DataDirect Connect for JDBC for Oracle Eloqua	Affected: 0 , ≤ 6.0.0.001438 (custom) Unaffected: 6.0.0.001458 (custom)
Progress	DataDirect Connect for JDBC for Oracle Sales Cloud	Affected: 0 , ≤ 6.0.0.001225 (custom) Unaffected: 6.0.0.001316 (custom)
Progress	DataDirect Connect for JDBC for Oracle Service Cloud	Affected: 0 , ≤ 5.1.4.000298 (custom) Unaffected: 5.1.4.000309 (custom)
Progress	DataDirect Connect for JDBC for PostgreSQL	Affected: 0 , ≤ 6.0.0.001843 (custom) Unaffected: 6.0.0.001856 (custom)
Progress	DataDirect Connect for JDBC for Progress OpenEdge	Affected: 0 , ≤ 5.1.4.000187 (custom) Unaffected: 5.1.4.000189 (custom)
Progress	DataDirect Connect for JDBC for Salesforce	Affected: 0 , ≤ 6.0.0.003020 (custom) Unaffected: 6.0.0.003125 (custom)
Progress	DataDirect Connect for JDBC for SAP HANA	Affected: 0 , ≤ 6.0.0.000879 (custom)
Progress	DataDirect Connect for JDBC for SAP S/4 HANA	Affected: 0 , ≤ 6.0.1.001818 (custom) Unaffected: 6.0.1.001858 (custom)
Progress	DataDirect Connect for JDBC for Sybase ASE	Affected: 0 , ≤ 5.1.4.000161 (custom) Unaffected: 5.1.4.000162 (custom)
Progress	DataDirect Connect for JDBC for Snowflake	Affected: 0 , ≤ 6.0.1.001821 (custom) Unaffected: 6.0.1.001856 (custom)
Progress	DataDirect Hybrid Data Pipeline Server	Affected: 0 , ≤ 4.6.2.3309 (custom) Unaffected: 4.6.2.3430 (custom)
Progress	DataDirect Hybrid Data Pipeline JDBC Driver	Affected: 0 , ≤ 4.6.2.0607 (custom) Unaffected: 4.6.2.1023 (custom)
Progress	DataDirect Hybrid Data Pipeline On Premises Connector	Affected: 0 , ≤ 4.6.2.1223 (custom) Unaffected: 4.6.2.1339 (custom)
Progress	DataDirect Hybrid Data Pipeline Docker	Affected: 0 , ≤ 4.6.2.3316 (custom) Unaffected: 4.6.2.3430 (custom)
Progress	DataDirect OpenAccess JDBC Driver	Affected: 0 , ≤ 8.1.0.0177 (custom) Unaffected: 8.1.0.0183 (custom)
Progress	DataDirect OpenAccess JDBC Driver	Affected: 0 , ≤ 9.0.0.0019 (custom) Unaffected: 9.0.0.0022 (custom)

Credits

Brecht Snijders of Triskele Labs

Show details on NVD website

JSON

To clipboard

{
  "containers": {
    "adp": [
      {
        "metrics": [
          {
            "other": {
              "content": {
                "id": "CVE-2025-10702",
                "options": [
                  {
                    "Exploitation": "none"
                  },
                  {
                    "Automatable": "no"
                  },
                  {
                    "Technical Impact": "total"
                  }
                ],
                "role": "CISA Coordinator",
                "timestamp": "2025-11-19T00:00:00+00:00",
                "version": "2.0.3"
              },
              "type": "ssvc"
            }
          }
        ],
        "providerMetadata": {
          "dateUpdated": "2025-11-20T04:55:24.080Z",
          "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
          "shortName": "CISA-ADP"
        },
        "title": "CISA ADP Vulnrichment"
      }
    ],
    "cna": {
      "affected": [
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Amazon Redshift",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001392",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001541",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Apache Cassandra",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.000805",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.000833",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Hive",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.1.001499",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.1.001628",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Apache Impala",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001155",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.1279",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Apache SparkSQL",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.1.001222",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.1.001344",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC Autonomous REST Connector",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.1.006961",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.1.007063",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for DB2",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.000717",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.000964",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Google Analytics 4",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.000454",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.000525"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Google BigQuery",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.002279",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.002410",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Greenplum",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001712",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001727",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Informix",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.000690",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.000851",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Microsoft Dynamics 365",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.003161",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.003198",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Microsoft SQLServer",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001936",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001957",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Microsoft Sharepoint",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001559",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001587",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for MongoDB",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.1.0.001654",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.1.0.001669",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for MySQL",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "5.1.4.000330",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "5.1.4.000364",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Oracle Database",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001747",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001776",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Oracle Eloqua",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001438",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001458",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Oracle Sales Cloud",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001225",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001316",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Oracle Service Cloud",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "5.1.4.000298",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "5.1.4.000309",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for PostgreSQL",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.001843",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.001856",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Progress OpenEdge",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "5.1.4.000187",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "5.1.4.000189",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Salesforce",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.003020",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.0.003125",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for SAP HANA",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.0.000879",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for SAP S/4 HANA",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.1.001818",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.1.001858",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Sybase ASE",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "5.1.4.000161",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "5.1.4.000162",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Connect for JDBC for Snowflake",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "6.0.1.001821",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "6.0.1.001856",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Hybrid Data Pipeline Server",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "4.6.2.3309",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "4.6.2.3430",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Hybrid Data Pipeline JDBC Driver",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "4.6.2.0607",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "4.6.2.1023",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Hybrid Data Pipeline On Premises Connector",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "4.6.2.1223",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "4.6.2.1339",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect Hybrid Data Pipeline Docker",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "4.6.2.3316",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "4.6.2.3430",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect OpenAccess JDBC Driver",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "8.1.0.0177",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "8.1.0.0183",
              "versionType": "custom"
            }
          ]
        },
        {
          "defaultStatus": "unaffected",
          "product": "DataDirect OpenAccess JDBC Driver",
          "vendor": "Progress",
          "versions": [
            {
              "lessThanOrEqual": "9.0.0.0019",
              "status": "affected",
              "version": "0",
              "versionType": "custom"
            },
            {
              "status": "unaffected",
              "version": "9.0.0.0022",
              "versionType": "custom"
            }
          ]
        }
      ],
      "credits": [
        {
          "lang": "en",
          "type": "reporter",
          "value": "Brecht Snijders of Triskele Labs"
        }
      ],
      "descriptions": [
        {
          "lang": "en",
          "supportingMedia": [
            {
              "base64": false,
              "type": "text/html",
              "value": "\u003cdiv\u003e\u003cdiv\u003eImproper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker.  If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u0026nbsp;\u003c/div\u003e\u003cbr\u003e\u003cdiv\u003eThis issue affects:\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\u003cbr\u003eDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\u003cbr\u003eDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\u003cbr\u003e\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\u003cbr\u003eDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\u003cbr\u003eDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\u003c/div\u003e\u003cdiv\u003eDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\u003c/div\u003e\u003cdiv\u003eDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\u003cbr\u003eDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\u003c/div\u003e\u003cdiv\u003eDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022\u003c/div\u003e\u003c/div\u003e\n\n\u003cbr\u003e"
            }
          ],
          "value": "Improper Control of Generation of Code (\u0027Code Injection\u0027) vulnerability in Progress DataDirect Connect for JDBC drivers, Progress DataDirect Open Access JDBC driver and Hybrid Data Pipeline allows Remote Code Inclusion.\n\n\nThe SpyAttribute connection option implemented by the DataDirect Connect for JDBC drivers, DataDirect Hybrid Data Pipeline JDBC driver and the DataDirect OpenAccess JDBC driver supports an undocumented syntax construct for the option value that if discovered can be used by an attacker.  If an application allows an end user to specify a value for the SpyAttributes connection option then an attacker can use the undocumented syntax to cause the driver to load an arbitrary class on the class path and execute a constructor on that class. \u00a0\n\n\nThis issue affects:\n\nDataDirect Connect for JDBC for Amazon Redshift: through 6.0.0.001392, fixed in 6.0.0.001541\n\nDataDirect Connect for JDBC for Apache Cassandra: through 6.0.0.000805, fixed in 6.0.0.000833\n\nDataDirect Connect for JDBC for Hive: through 6.0.1.001499, fixed in 6.0.1.001628\n\nDataDirect Connect for JDBC for Apache Impala: through 6.0.0.001155, fixed in 6.0.0.001279\n\nDataDirect Connect for JDBC for Apache SparkSQL: through 6.0.1.001222, fixed in 6.0.1.001344\n\nDataDirect Connect for JDBC Autonomous REST Connector: through 6.0.1.006961, fixed in 6.0.1.007063\n\nDataDirect Connect for JDBC for DB2: through 6.0.0.000717, fixed in 6.0.0.000964\n\nDataDirect Connect for JDBC for Google Analytics 4: through 6.0.0.000454, fixed in 6.0.0.000525\n\nDataDirect Connect for JDBC for Google BigQuery: through 6.0.0.002279, fixed in 6.0.0.002410\nDataDirect Connect for JDBC for Greenplum: through 6.0.0.001712, fixed in 6.0.0.001727\nDataDirect Connect for JDBC for Informix: through 6.0.0.000690, fixed in 6.0.0.0851\n\n\nDataDirect Connect for JDBC for Microsoft Dynamics 365: through 6.0.0.003161, fixed in 6.0.0.3198\n\nDataDirect Connect for JDBC for Microsoft SQLServer: through 6.0.0.001936, fixed in 6.0.0.001957\n\nDataDirect Connect for JDBC for Microsoft Sharepoint: through 6.0.0.001559, fixed in 6.0.0.001587\n\nDataDirect Connect for JDBC for MongoDB: through 6.1.0.001654, fixed in 6.1.0.001669\n\nDataDirect Connect for JDBC for MySQL: through 5.1.4.000330, fixed in 5.1.4.000364\n\nDataDirect Connect for JDBC for Oracle Database: through 6.0.0.001747, fixed in 6.0.0.001776\n\nDataDirect Connect for JDBC for Oracle Eloqua: through 6.0.0.001438, fixed in 6.0.0.001458\n\nDataDirect Connect for JDBC for Oracle Sales Cloud: through 6.0.0.001225, fixed in 6.0.0.001316\n\nDataDirect Connect for JDBC for Oracle Service Cloud: through 5.1.4.000298, fixed in 5.1.4.000309\nDataDirect Connect for JDBC for PostgreSQL: through 6.0.0.001843, fixed in 6.0.0.001856\n\nDataDirect Connect for JDBC for Progress OpenEdge: through 5.1.4.000187, fixed in 5.1.4.000189\n\nDataDirect Connect for JDBC for Salesforce: through 6.0.0.003020, fixed in 6.0.0.003125\nDataDirect Connect for JDBC for SAP HANA: through 6.0.0.000879, product retired\n\nDataDirect Connect for JDBC for SAP S/4 HANA: through 6.0.1.001818, fixed in 6.0.1.001858\n\nDataDirect Connect for JDBC for Sybase ASE: through 5.1.4.000161, fixed in 5.1.4.000162\n\nDataDirect Connect for JDBC for Snowflake: through 6.0.1.001821, fixed in 6.0.1.001856\n\nDataDirect Hybrid Data Pipeline Server: through 4.6.2.3309, fixed in 4.6.2.3430\n\nDataDirect Hybrid Data Pipeline JDBC Driver: through 4.6.2.0607, fixed in 4.6.2.1023\n\nDataDirect Hybrid Data Pipeline On Premises Connector: through 4.6.2.1223, fixed in 4.6.2.1339\nDataDirect Hybrid Data Pipeline Docker: through 4.6.2.3316, fixed in 4.6.2.3430\n\nDataDirect OpenAccess JDBC Driver: through 8.1.0.0177, fixed in 8.1.0.0183\n\nDataDirect OpenAccess JDBC Driver: through 9.0.0.0019, fixed in 9.0.0.0022"
        }
      ],
      "impacts": [
        {
          "capecId": "CAPEC-253",
          "descriptions": [
            {
              "lang": "en",
              "value": "CAPEC-253 Remote Code Inclusion"
            }
          ]
        }
      ],
      "metrics": [
        {
          "cvssV4_0": {
            "Automatable": "NOT_DEFINED",
            "Recovery": "NOT_DEFINED",
            "Safety": "NOT_DEFINED",
            "attackComplexity": "LOW",
            "attackRequirements": "NONE",
            "attackVector": "NETWORK",
            "baseScore": 8.6,
            "baseSeverity": "HIGH",
            "exploitMaturity": "NOT_DEFINED",
            "privilegesRequired": "LOW",
            "providerUrgency": "NOT_DEFINED",
            "subAvailabilityImpact": "HIGH",
            "subConfidentialityImpact": "HIGH",
            "subIntegrityImpact": "HIGH",
            "userInteraction": "NONE",
            "valueDensity": "NOT_DEFINED",
            "vectorString": "CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:H/VA:H/SC:H/SI:H/SA:H",
            "version": "4.0",
            "vulnAvailabilityImpact": "HIGH",
            "vulnConfidentialityImpact": "LOW",
            "vulnIntegrityImpact": "HIGH",
            "vulnerabilityResponseEffort": "NOT_DEFINED"
          },
          "format": "CVSS",
          "scenarios": [
            {
              "lang": "en",
              "value": "GENERAL"
            }
          ]
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "cweId": "CWE-94",
              "description": "CWE-94 Improper Control of Generation of Code (\u0027Code Injection\u0027)",
              "lang": "en",
              "type": "CWE"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2025-11-19T15:46:26.699Z",
        "orgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
        "shortName": "ProgressSoftware"
      },
      "references": [
        {
          "url": "https://community.progress.com/s/article/Progress-DataDirect-Critical-Security-Product-Alert-Bulletin-November-2025"
        }
      ],
      "source": {
        "discovery": "UNKNOWN"
      },
      "x_generator": {
        "engine": "Vulnogram 0.2.0"
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "f9fea0b6-671e-4eea-8fde-31911902ae05",
    "assignerShortName": "ProgressSoftware",
    "cveId": "CVE-2025-10702",
    "datePublished": "2025-11-19T15:46:26.699Z",
    "dateReserved": "2025-09-18T19:40:24.114Z",
    "dateUpdated": "2025-11-20T04:55:24.080Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.2"
}

Sightings

Author	Source	Type	Date

Nomenclature

Seen: The vulnerability was mentioned, discussed, or observed by the user.
Confirmed: The vulnerability has been validated from an analyst's perspective.
Published Proof of Concept: A public proof of concept is available for this vulnerability.
Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
Not confirmed: The user expressed doubt about the validity of the vulnerability.
Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Detection rules are retrieved from Rulezet.

Action not permitted

FKIE_CVE-2025-10702

CVE-2025-10702 (GCVE-0-2025-10702)

Tags

Sightings

Nomenclature