- Description
- A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30.
- Source
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- NVD status
- Received
CVSS 4.0
- Type
- Secondary
- Base score
- 8.6
- Impact score
- -
- Exploitability score
- -
- Vector string
- CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:P/VC:H/VI:H/VA:H/SC:N/SI:N/SA:N/E:X/CR:X/IR:X/AR:X/MAV:X/MAC:X/MAT:X/MPR:X/MUI:X/MVC:X/MVI:X/MVA:X/MSC:X/MSI:X/MSA:X/S:X/AU:X/R:X/V:X/RE:X/U:X
- Severity
- HIGH
CVSS 3.1
- Type
- Secondary
- Base score
- 8
- Impact score
- 5.9
- Exploitability score
- 2.1
- Vector string
- CVSS:3.1/AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:H
- Severity
- HIGH
- ff89ba41-3aa1-4d27-914a-91399e9639e5
- CWE-89
- Hype score
- Not currently trending
Top 5 Trending CVEs: 1 - CVE-2024-49128 2 - CVE-2024-21182 3 - CVE-2024-3094 4 - CVE-2024-12744 5 - CVE-2024-38472 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
1 Jan 2025
107 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12744 (CVSS 8.6) SQL Injection no Amazon Redshift JDBC Driver 🤔 Publicado na véspera de Natal 🎄🎅 #bolhasec https://t.co/33n2nBaUUO
@sushicomabacate
30 Dec 2024
734 Impressions
1 Retweet
17 Likes
1 Bookmark
2 Replies
0 Quotes
🚨 SQL Injection Vulnerability Alert Amazon Redshift JDBC Driver has been identified with a critical vulnerability: CVE-2024-12744. Stay informed. Stay secure. #CyberSecurity #Amazon #Redshift #SQLInjection #CVE2024 #DataSecurity https://t.co/88Jadz3K69
@CRAC_Learning
29 Dec 2024
28 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
🚨 #Amazon fixes 3 high-severity SQL injection vulnerabilities in #Redshift drivers: 🔓 CVE-2024-12744 (JDBC) 🐍 CVE-2024-12745 (Python Connector) 🔑 CVE-2024-12746 (ODBC) 📢 Update now to secure your data! 💡 Track & defend with SOCRadar Vulnerability Intelligence:… https://
@socradar
28 Dec 2024
140 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12744 (CVSS:8.0, HIGH) is Received. A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSc..https://t.co/XNJ6v3YEIx #cybersecurityawareness #cybersecurity #CVE #infosec #hacker #nvd #mitre
@cracbot
28 Dec 2024
9 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
A trio of SQL injection vulnerabilities has been discovered in various Amazon Redshift drivers, potentially allowing attackers to escalate privileges and wreak havoc on your data. The vulnerabilities tracked as CVE-2024-12744, CVE-2024-12745, and CVE-2024-12746, all carry a… ht
@cybertzar
26 Dec 2024
29 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
🚨 3 SQL injection vulnerabilities in Amazon Redshift drivers (CVE-2024-12744, CVE-2024-12745, CVE-2024-12746) can lead to privilege escalation. Patches are essential to protect sensitive data. #AmazonRedshift #DataBreach #USA #CybersecurityNews link: https://t.co/7iKI0r1SnO htt
@TweetThreatNews
26 Dec 2024
43 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
Top 5 Trending CVEs: 1 - CVE-2024-53961 2 - CVE-2024-9474 3 - CVE-2024-30085 4 - CVE-2024-45387 5 - CVE-2024-12744 #cve #cvetrends #cveshield #cybersecurity https://t.co/4Fua3CAN6W
@CVEShield
26 Dec 2024
13 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
Amazon Redshiftの各ドライバにSQLインジェクションの脆弱性。CVE-2024-12744はJDBC Driver、CVE-2024-12745はPython Connector、CVE-2024-12746はODBC Driver向け。メタデータAPIを叩く際に脆弱。クエリをパラメタ化する修正が適用済み。 https://t.co/PnOweD7vgI
@__kokumoto
26 Dec 2024
457 Impressions
0 Retweets
4 Likes
0 Bookmarks
0 Replies
0 Quotes
Issue with RedShift JDBC Driver, Python Connector and ODBC Driver - (CVE-2024-12744, CVE-2024-12745, CVE-2024-12746) https://t.co/rA2zcHWUu5 #amazon #feedly
@yutuki_r
25 Dec 2024
76 Impressions
0 Retweets
0 Likes
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12744 SQL Injection in Amazon Redshift JDBC Driver Enables Privilege Escalation The Amazon Redshift JDBC Driver version 2.1.0.31 has a SQL injection issue. It lets a user increase their privileges by usi... https://t.co/8y1mLvLPXj
@VulmonFeeds
24 Dec 2024
107 Impressions
0 Retweets
2 Likes
0 Bookmarks
0 Replies
0 Quotes
[CVE-2024-12744: HIGH] SQL injection in Amazon Redshift JDBC Driver v2.1.0.31 allows privilege escalation. Upgrade to v2.1.0.32 or revert to v2.1.0.30 for security. #cybersecurity#cybersecurity,#vulnerability https://t.co/nARO1Z1Gp3 https://t.co/x8zz8zHwZO
@CveFindCom
24 Dec 2024
38 Impressions
0 Retweets
1 Like
0 Bookmarks
0 Replies
0 Quotes
CVE-2024-12744 A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs.… https://t.co/OkSrCV9gfI
@CVEnew
24 Dec 2024
577 Impressions
1 Retweet
0 Likes
0 Bookmarks
0 Replies
0 Quotes