Ecosyste.ms: Advisories
An open API service providing security vulnerability metadata for many open source software ecosystems.
Security Advisories: GSA_kwCzR0hTQS1qYzY5LWhqdzItZm04Ns4AAvS6
com.amazon.redshift:redshift-jdbc42 vulnerable to remote command execution
Impact
A potential remote command execution issue exists within redshift-jdbc42
versions 2.1.0.7 and below. When plugins are used with the driver, it instantiates plugin instances based on Java class names provided via the sslhostnameverifier
, socketFactory
, sslfactory
, and sslpasswordcallback
connection properties. In affected versions, the driver does not verify if a plugin class implements the expected interface before instantiatiaton. This can lead to loading of arbitrary Java classes, which a knowledgeable attacker with control over the JDBC URL can use to achieve remote code execution.
Patches
This issue is patched within redshift-jdbc-42
2.1.0.8 and above.
Workarounds
We advise customers using plugins to upgrade to redshift-jdbc42
version 2.1.0.8 or above. There are no known workarounds for this issue.
For more information
If you have any questions or comments about this advisory, please contact AWS Security at [email protected].
Permalink: https://github.com/advisories/GHSA-jc69-hjw2-fm86JSON: https://advisories.ecosyste.ms/api/v1/advisories/GSA_kwCzR0hTQS1qYzY5LWhqdzItZm04Ns4AAvS6
Source: GitHub Advisory Database
Origin: Unspecified
Severity: High
Classification: General
Published: almost 2 years ago
Updated: over 1 year ago
CVSS Score: 7.1
CVSS vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:R/S:C/C:H/I:L/A:L
Identifiers: GHSA-jc69-hjw2-fm86, CVE-2022-41828
References:
- https://github.com/aws/amazon-redshift-jdbc-driver/security/advisories/GHSA-jc69-hjw2-fm86
- https://github.com/aws/amazon-redshift-jdbc-driver/commit/9999659bbc9f3d006fb02a0bf39d5bcf3b503605
- https://nvd.nist.gov/vuln/detail/CVE-2022-41828
- https://github.com/aws/amazon-redshift-jdbc-driver/commit/40b143b4698faf90c788ffa89f2d4d8d2ad068b5
- https://github.com/advisories/GHSA-jc69-hjw2-fm86
Blast Radius: 20.2
Affected Packages
maven:com.amazon.redshift:redshift-jdbc42
Dependent packages: 48Dependent repositories: 701
Downloads:
Affected Version Ranges: < 2.1.0.8
Fixed in: 2.1.0.8
All affected versions:
All unaffected versions: