Amazon Redshift Driver SQL Injection (Alert)

Jan 1, 2025

Amazon Redshift JDBC Driver security vulnerability CVE-2024-12744: SQL injection risk in metadata APIs affecting database operations.


Summary

  1. SQL injection vulnerability via metadata APIs

  2. Affects database schema, table, and column operations

  3. Update required


CVSS Score: 8.6 (HIGH)

  1. Attack Complexity: Low

  2. Impact: Widespread

  3. Urgency: Update Required


Affected Systems

  1. Amazon Redshift JDBC Driver

  2. Database metadata operations

  3. Schema/table management interfaces


Vulnerable Version

  1. 2.1.0.31


Fixed Version

  1. 2.1.0.32
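To check a Maven build against the versions listed above, the following added example (not part of the original alert or of the driver project) scans a pom.xml for the vulnerable driver version, resolving `${property}` version references. The Maven coordinates `com.amazon.redshift:redshift-jdbc42` and the sample POM are assumptions that do not appear on this page.

```python
import re
import xml.etree.ElementTree as ET

# Maven coordinates of the driver (an assumption; not stated on the page).
GROUP_ID, ARTIFACT_ID = "com.amazon.redshift", "redshift-jdbc42"
VULNERABLE = {"2.1.0.31"}  # "Vulnerable Version" from this alert

def _local(tag):
    """Drop the '{namespace}' prefix ElementTree puts on POM tags."""
    return tag.rsplit("}", 1)[-1]

def find_redshift_driver(pom_xml):
    """Return [(version, status)] for each Redshift JDBC dependency in a POM."""
    root = ET.fromstring(pom_xml)
    # Collect <properties> so versions written as ${name} can be resolved.
    props = {_local(p.tag): (p.text or "").strip()
             for el in root.iter() if _local(el.tag) == "properties" for p in el}
    findings = []
    for dep in root.iter():
        if _local(dep.tag) != "dependency":
            continue
        f = {_local(c.tag): (c.text or "").strip() for c in dep}
        if (f.get("groupId"), f.get("artifactId")) != (GROUP_ID, ARTIFACT_ID):
            continue
        version = re.sub(r"\$\{([^}]+)\}",
                         lambda m: props.get(m.group(1), m.group(0)),
                         f.get("version", ""))
        if version in VULNERABLE:
            status = "vulnerable"
        elif not version or "${" in version:
            status = "unknown"  # inherited or unresolved: check the effective POM
        else:
            status = "not-listed"  # not the version this alert lists as vulnerable
        findings.append((version or None, status))
    return findings

# Constructed sample POM, not taken from any real project.
SAMPLE_POM = """<project xmlns="http://maven.apache.org/POM/4.0.0">
  <properties><redshift.version>2.1.0.31</redshift.version></properties>
  <dependencies>
    <dependency>
      <groupId>com.amazon.redshift</groupId>
      <artifactId>redshift-jdbc42</artifactId>
      <version>${redshift.version}</version>
    </dependency>
  </dependencies>
</project>"""
```

Calling `find_redshift_driver(SAMPLE_POM)` reports the constructed sample as vulnerable; a result of "unknown" means the version comes from a parent POM or an undefined property and has to be confirmed another way.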


Stay Protected

@SkaSecurity helps track vulnerable dependencies automatically.


Reference: https://github.com/advisories/GHSA-8596-2jgr-ppj7

