PT-2022-20030 · Magnitude Simba · Magnitude Simba Amazon Redshift Jdbc Driver

Published

2022-05-09

Updated

2022-05-18

CVE-2022-30240

CVSS v3.1

7.8

High

Vector

AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions Magnitude Simba Amazon Redshift JDBC Driver versions 1.2.40 through 1.2.55

Description The issue is related to an argument injection vulnerability in the browser-based authentication component. This may allow a local user to execute code.

Recommendations For Magnitude Simba Amazon Redshift JDBC Driver versions 1.2.40 through 1.2.55, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.

Argument Injection

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-88

Related Identifiers

CVE-2022-30240

Affected Products

Magnitude Simba Amazon Redshift Jdbc Driver

PT-2022-20030 · Magnitude Simba · Magnitude Simba Amazon Redshift Jdbc Driver

CVE-2022-30240

Weakness Enumeration

Related Identifiers

Affected Products

References · 5