PT-2023-24756 · Snowflake · Snowflake-Connector-Net

Sfc-Gh-Jfan · Published 2023-06-08 · Updated 2025-11-21 · CVE-2023-34230

CVSS v3.1: 7.3 (High)
Vector: AV:N/AC:L/PR:L/UI:R/S:U/C:H/I:H/A:N
Name of the Vulnerable Software and Affected Versions

snowflake-connector-net versions prior to 2.0.18

Description

The issue is command injection via SSO URL authentication. To exploit it, an attacker must host a malicious resource and steer a user toward it: the attacker sets up a server that answers the SSO URL request with an attack payload, and if the user is tricked into connecting with a maliciously crafted connection URL, the user's local machine processes that payload, resulting in remote code execution on the user's machine. As the CVSS vector reflects, the attack needs user interaction (UI:R) and low privileges (PR:L); it does not affect availability. The scenario can be mitigated through URL allowlisting (whitelisting) together with common anti-phishing controls.

Recommendations

For versions prior to 2.0.18, upgrade to version 2.0.18 or later, which fixes the issue. As a temporary workaround, implement URL allowlisting and use common anti-phishing controls to reduce the risk of exploitation, and restrict use of the SSO URL authentication feature until the upgrade is done.
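As an added illustration, not code from snowflake-connector-net (the advisory does not reproduce the connector's code or the fix), the following standalone C# shows the class of defect the description sketches beside the allowlist-style check the recommendations call for. The helper names (OpenSsoUrlUnsafe, TryValidateSsoUrl, OpenSsoUrl), the "cmd /c start" launch pattern used as the unsafe case, the allowed host list and the sample URLs are assumptions made for this example, not details taken from the advisory or the project.

```csharp
using System;
using System.Collections.Generic;
using System.Diagnostics;

// Added example, not code from snowflake-connector-net. It models the pattern the
// advisory describes: a URL received from a remote SSO endpoint is handed to the OS
// so a browser can open it. If that hand-off goes through a shell, metacharacters in
// the attacker-controlled URL are executed as commands on the user's machine.
public static class SsoUrlHandling
{
    // Assumed vulnerable pattern (hypothetical, for illustration only): the URL is
    // interpolated into a cmd.exe command line. cmd treats '&' as a command separator,
    // so "https://idp/x & calc.exe" runs calc.exe after the "start" command.
    public static void OpenSsoUrlUnsafe(string ssoUrl)
    {
        var psi = new ProcessStartInfo("cmd.exe", "/c start \"\" " + ssoUrl)
        {
            UseShellExecute = false,
            CreateNoWindow = true
        };
        Process.Start(psi);
    }

    // Allowlist check: the string must parse as an absolute URL, the scheme must be
    // https, the host must be one the client expects (e.g. the account's own Snowflake
    // host or the IdP host the administrator configured), and characters a shell or
    // launcher could misinterpret are rejected outright.
    public static bool TryValidateSsoUrl(string ssoUrl, IReadOnlyCollection<string> allowedHosts, out Uri uri)
    {
        uri = null;
        if (string.IsNullOrWhiteSpace(ssoUrl)) return false;
        if (!Uri.TryCreate(ssoUrl, UriKind.Absolute, out var parsed)) return false;
        if (parsed.Scheme != Uri.UriSchemeHttps) return false;

        foreach (var ch in ssoUrl)
        {
            if (char.IsWhiteSpace(ch) || ch == '&' || ch == '|' || ch == '^' ||
                ch == '"' || ch == '<' || ch == '>')
                return false;
        }

        foreach (var host in allowedHosts)
        {
            if (string.Equals(parsed.Host, host, StringComparison.OrdinalIgnoreCase))
            {
                uri = parsed;
                return true;
            }
        }
        return false;
    }

    // Hardened launch: validate first, then pass the URI itself (not a shell command
    // line) to the OS URL handler. No shell is involved, so no injection surface remains.
    public static void OpenSsoUrl(string ssoUrl, IReadOnlyCollection<string> allowedHosts)
    {
        if (!TryValidateSsoUrl(ssoUrl, allowedHosts, out var uri))
            throw new InvalidOperationException("SSO URL rejected by allowlist: " + ssoUrl);
        Process.Start(new ProcessStartInfo(uri.AbsoluteUri) { UseShellExecute = true });
    }

    public static void Main()
    {
        // Constructed allowlist and constructed sample responses a malicious SSO
        // endpoint might return; none of these hosts or URLs come from the advisory.
        var allowed = new[] { "myaccount.snowflakecomputing.com", "login.example-idp.com" };
        var samples = new[]
        {
            "https://login.example-idp.com/saml?SAMLRequest=abc",   // ALLOW
            "https://login.example-idp.com/saml?x=1 & calc.exe",    // REJECT: shell metacharacters
            "http://login.example-idp.com/saml",                    // REJECT: not https
            "https://evil.example.net/phish",                       // REJECT: host not allowlisted
            "file:///C:/Windows/System32/calc.exe",                 // REJECT: wrong scheme
        };
        foreach (var s in samples)
            Console.WriteLine($"{(TryValidateSsoUrl(s, allowed, out _) ? "ALLOW " : "REJECT")} {s}");
    }
}
```

The allowlist is deliberately a host match rather than a prefix match on the string, since prefix checks are bypassed by URLs such as "https://login.example-idp.com.evil.example.net/". Using Uri.AbsoluteUri with UseShellExecute = true hands the already-validated URL to the registered browser without constructing a command line, which is the property that removes the injection point.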

Weakness Enumeration

Command Injection

Related Identifiers

CVE-2023-34230
GHSA-223G-8W3X-98WR

Affected Products

Snowflake-Connector-Net