Impact
Improper neutralization of user-controlled content in Snowflake CLI allowed unintended SQL execution. An attacker could supply crafted repository, project, manifest, or specification data that, when processed by a vulnerable CLI command, caused the client to run SQL commands in the context of the victim's Snowflake session. The impact is direct loss of confidentiality, integrity, and availability of the data accessible to that session, and the vulnerability is a classic input-validation flaw, CWE-89 (SQL injection).
Affected Systems
Versions of Snowflake CLI prior to 3.19 are affected. Users running Snowflake CLI 3.18 or older may fall victim if they process attacker-controlled repository content, project settings, manifest files, or specification inputs. The fix is shipped in Snowflake CLI 3.19 and later, which properly sanitizes such inputs.
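As an added illustration, not Snowflake CLI's own code and not the actual fix, the snippet below contrasts the unsafe pattern the advisory describes (a manifest value pasted straight into a SQL statement) with a builder that validates or quotes identifiers before use; the manifest, the statement shape, and the identifier policy are assumptions made for this example.

```python
import re
from typing import Mapping

# Assumed identifier policy for this example (not Snowflake CLI's own code):
# plain identifiers are letters, digits, underscore or dollar, starting with
# a letter or underscore; anything else is double-quoted with inner quotes doubled.
_PLAIN_IDENT = re.compile(r"[A-Za-z_][A-Za-z0-9_$]*")

# Constructed manifest: the stage name carries a statement separator.
CRAFTED_MANIFEST = {"stage_name": "demo; SELECT 1"}

def naive_statement(manifest: Mapping[str, str]) -> str:
    """Unsafe pattern: the manifest value is pasted straight into SQL."""
    return f"CREATE STAGE IF NOT EXISTS {manifest['stage_name']}"

def quote_identifier(name: str) -> str:
    """Return an identifier that cannot end the statement or append text
    after it, whatever the manifest supplied."""
    if not name or "\x00" in name:
        raise ValueError("empty or NUL-containing identifier rejected")
    if _PLAIN_IDENT.fullmatch(name):
        return name
    # Doubling embedded quotes keeps the closing quote where we put it.
    return '"' + name.replace('"', '""') + '"'

def safe_statement(manifest: Mapping[str, str]) -> str:
    """Hardened builder: every identifier passes through quote_identifier."""
    return f"CREATE STAGE IF NOT EXISTS {quote_identifier(manifest['stage_name'])}"

def statement_count(sql: str) -> int:
    """Count statements by semicolons outside single/double quotes
    (a doubled quote character inside a quoted span is a literal)."""
    count, in_quote, i = 1, None, 0
    while i < len(sql):
        ch = sql[i]
        if in_quote:
            if ch == in_quote:
                if i + 1 < len(sql) and sql[i + 1] == in_quote:
                    i += 1  # escaped quote, stay inside the quoted span
                else:
                    in_quote = None
        elif ch in ("'", '"'):
            in_quote = ch
        elif ch == ";":
            count += 1
        i += 1
    return count
```

Running `statement_count` over both builders shows the naive form yields two statements from one manifest field while the hardened form yields exactly one, which is the property a reviewer should check wherever client-side tooling assembles SQL from project files.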
Risk and Exploitability
The CVSS score of 8.3 indicates a high severity. Exploitation requires the attacker to insert malicious content into a location that a user's CLI command will read, and the victim must run that command with an active Snowflake session for the CLI to act in. Because the flaw is confined to the client, it does not allow arbitrary remote code execution on the Snowflake server, but it can be used to run arbitrary SQL as the victim, with privileges limited to those granted to the session. EPSS data is not available, and the vulnerability is not listed in CISA's KEV catalog, so the known exploitation probability remains uncertain; yet the high CVSS score and the fact that any victim can trigger it simply by running a command on compromised content make it a significant threat.
OpenCVE Enrichment