-
CVSS Score
-Basic Information
Technical Details
Vulnerability Intelligence
Miggo AI
Miggo AIMiggo AI| Package Name | Ecosystem | Vulnerable Versions | First Patched Version |
|---|---|---|---|
| com.datomic:datomic-free | maven | <= 0.9.5656 | 0.9.5697 |
Miggo AIRoot Cause AnalysisThe vulnerability root cause is H2's CREATE ALIAS implementation (CreateAlias.execute) combined with Datomic's insecure default exposure of H2 components. While the vulnerability exists in H2, Datomic's vulnerable versions: 1) Enabled H2 web console without auth 2) Exposed JDBC with default credentials 3) Did not restrict network access. The critical runtime indicators are H2's ALIAS execution path (CreateAlias.execute) and web interface handling (WebServlet.process), which would appear in stack traces during exploitation.