Amazon has fixed three high-severity security vulnerabilities in its Amazon Redshift drivers that could allow attackers to escalate privileges and potentially compromise data. The vulnerabilities affect the JDBC, Python Connector, and ODBC drivers for Amazon Redshift.
Amazon has confirmed that three high-severity security vulnerabilities that could allow for privilege escalation and all the implications that this can bring for potential data compromise have been identified and fixed. Here’s what you need to know about the SQL injection issues across a number of Amazon Redshift drivers: CVE-2024-12744, CVE-2024-12745 and CVE-2024-12746 and allow as much as 16 petabytes of data on a single cluster.
Amazon said that Amazon Redshift can enable near real-time analytics without building complex data pipelines, bringing the ability to “.”. It is the powerful SQL analytic capabilities of Amazon Redshift when used with SageMaker Lakehouse that attracts tens of thousands of customers. And hackers., Amazon Web Services said that it had identified high-severity issues within the Amazon Redshift Java Database Connectivity Driver, Amazon Redshift Python Connector, and Amazon Redshift Open Database Connectivity Driver. The vulnerabilities, all of which get an official rating of 8, impact Amazon Redshift JDBC Driver, version 2.1.0.31; Amazon Redshift Python Connector, version 2.1.4; Amazon Redshift ODBC Driver, version v2.1.5.0.is a SQL injection issue in the RedShift JDBC Driver which could allow an attacker to gain escalated privileges. “We recommend customers upgrade to the driver version 2.1.0.32,” Amazon said, “or revert to driver version 2.1.0.30.” is another SQL injection issue, this time in the Redshift Python Connector, whereby an SQL command using externally influenced input from an upstream component doesn’t neutralize, or does so incorrectly, elements that could modify the intended command. “This issue has been addressed in driver version 2.1.5,” Amazon said, “we recommend customers upgrade to the driver version 2.1.5 or revert to driver version 2.1.3.” impacts the Redshift ODBC Driver v2.1.5.0 and allows privilege escalation by way of an SQL injection issues when utilizing the SQLTables or SQLColumns Metadata API
Amazon Redshift Security Vulnerabilities SQL Injection
United States Latest News, United States Headlines
Similar News:You can also read news stories similar to this one that we have collected from other news sources.
20 electronic deals you won't want to miss on Amazon this Black FridayPay less for Amazon devices, headphones, TVs and laptops during Amazon’s Black Friday sales.
Read more »
Amazon faces global pushback from its workers in annual 'Make Amazon Pay' strikeRooted in fact-based, transparent reporting, Newsy is an award-winning opinion-free network owned by the E.W. Scripps Company that is relentlessly focused on “the why” of every story and seeks to enable a more intimate and immersive understanding of the issues that matter.
Read more »
Amazon Workers in 20+ Countries Plan Strikes to 'Make Amazon Pay'Amazon employees worldwide are set to strike during the holiday shopping rush to protest against working conditions and corporate practices.
Read more »
Amazon Workers Plan 'Make Amazon Pay' Strike During Black Friday and Cyber MondayWorkers in over 20 countries, including the U.S., U.K., France, Germany, Japan, Brazil, India, and Turkey, are planning a strike titled 'Make Amazon Pay'. The strike aims for better pay and the right to unionize. The protest is set to occur during the busy shopping periods of Black Friday and Cyber Monday.
Read more »
Amazon Is Now Selling Hyundai Vehicles Through Amazon AutosAmazon’s partnership with Hyundai means you can use the e-retailer to purchase a brand-new car online. More manufacturers will be joining the new service, called Amazon Autos, next year.
Read more »
Bears vs. Lions: Teams to wear special jersey patches for Thanksgiving gameThe Chicago Bears will be back in the Thanksgiving spotlight for the first time in three years, and they’ll be wearing special jersey patches for the…
Read more »