Improper Access Control in /tc/rpc in Jedox GmbH Jedox 2020.2.5 allows remote authenticated users to view details of database connections via class 'com.jedox.etl.mngr.Connections' and method 'getGlobalConnection'.
http://packetstormsecurity.com/files/172156/Jedox-2020.2.5-Database-Credential-Disclosure.html