A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 (Windows or Linux) allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0.
Metrics
Affected Vendors & Products
References
History
Thu, 26 Dec 2024 14:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
References |
|
Wed, 25 Dec 2024 03:15:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Metrics |
ssvc
|
Tue, 24 Dec 2024 16:30:00 +0000
Type | Values Removed | Values Added |
---|---|---|
Description | A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 (Windows or Linux) allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0. | |
Title | SQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0 | |
Weaknesses | CWE-89 | |
References |
| |
Metrics |
cvssV3_1
|

Status: PUBLISHED
Assigner: AMZN
Published: 2024-12-24T16:16:37.499Z
Updated: 2024-12-26T14:18:22.213Z
Reserved: 2024-12-18T01:43:56.475Z
Link: CVE-2024-12746

Updated: 2024-12-25T02:38:52.640Z

Status : Received
Published: 2024-12-24T17:15:08.353
Modified: 2024-12-26T15:15:06.650
Link: CVE-2024-12746

No data.