A path traversal vulnerability exists in the Java version of CData Arc < 23.4.8839 when running using the embedded Jetty server, which could allow an unauthenticated remote attacker to gain access to sensitive information and perform limited actions.
View the template here CVE-2024-31850.yaml
References:
https://github.com/Stuub/CVE-2024-31848-PoC