cve/2024/CVE-2024-57971.md

### [CVE-2024-57971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57971)
![](https://img.shields.io/static/v1?label=Product&message=KNOWAGE&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)
![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-99%20Improper%20Control%20of%20Resource%20Identifiers%20('Resource%20Injection')&color=brightgreen)

### Description

DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name.

### POC

#### Reference
- https://github.com/darumaseye/CVEs/blob/ec2de9f7ecffde466e687745bfdfc672e86241d7/CVE-2024-57971.md

#### Github
No PoCs found on GitHub currently.
Update CVE list 2025-09-29 21:09 2025-09-29 21:09:30 +02:00			`### [CVE-2024-57971](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2024-57971)`
			`![](https://img.shields.io/static/v1?label=Product&message=KNOWAGE&color=blue)`
			`![](https://img.shields.io/static/v1?label=Version&message=0%20&color=brightgreen)`
			`![](https://img.shields.io/static/v1?label=Vulnerability&message=CWE-99%20Improper%20Control%20of%20Resource%20Identifiers%20('Resource%20Injection')&color=brightgreen)`

			`### Description`

			`DataSourceResource.java in the SpagoBI API support in Knowage Server in KNOWAGE before 8.1.30 does not ensure that java:comp/env/jdbc/ occurs at the beginning of a JNDI Name.`

			`### POC`

			`#### Reference`
			`- https://github.com/darumaseye/CVEs/blob/ec2de9f7ecffde466e687745bfdfc672e86241d7/CVE-2024-57971.md`

			`#### Github`
			`No PoCs found on GitHub currently.`