H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors.
History

Fri, 06 Sep 2024 18:30:00 +0000

Type Values Removed Values Added
First Time appeared H2oai
H2oai h2o-3
Weaknesses CWE-502
CPEs cpe:2.3:a:h2oai:h2o-3:*:*:*:*:*:*:*:*
Vendors & Products H2oai
H2oai h2o-3
Metrics cvssV3_1

{'score': 9.1, 'vector': 'CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:N'}

ssvc

{'options': {'Automatable': 'yes', 'Exploitation': 'poc', 'Technical Impact': 'total'}, 'version': '2.0.3'}


Fri, 06 Sep 2024 15:30:00 +0000

Type Values Removed Values Added
Description H2O.ai H2O through 3.46.0.4 allows attackers to arbitrarily set the JDBC URL, leading to deserialization attacks, file reads, and command execution. Exploitation can occur when an attacker has access to post to the ImportSQLTable URI with a JSON document containing a connection_url property with any typical JDBC Connection URL attack payload such as one that uses queryInterceptors.
References

cve-icon MITRE

Status: PUBLISHED

Assigner: mitre

Published: 2024-09-06T00:00:00

Updated: 2024-09-06T17:59:17.751Z

Reserved: 2024-09-06T00:00:00

Link: CVE-2024-45758

cve-icon Vulnrichment

Updated: 2024-09-06T17:53:03.513Z

cve-icon NVD

Status : Awaiting Analysis

Published: 2024-09-06T16:15:03.517

Modified: 2024-09-06T18:35:13.043

Link: CVE-2024-45758

cve-icon Redhat

No data.