CVE-2022-29972

Description from NVD

An argument injection vulnerability in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver (1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52) may allow a local user to execute arbitrary code.

Information Acquisition Date:2022-05-31T16:40Z
CVSS 2.0: 7.2 HIGH CVSS 3.x: 7.8 HIGH

▼ CVSS3 Vec CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

▼ CVSS2 Vec AV:L/AC:L/Au:N/C:C/I:C/A:C

NVD References

 https://insightsoftware.com/trust/security/advisories/redshift-and-athena-driver-vulnerability/
     source:CONFIRM
     tags:Vendor Advisory    
 https://www.magnitude.com/products/data-connectivity
     source:MISC
     tags:Product    

Refer to Information on External Sites

CVE InfomationExploits or more Infomation
mitreEXPLOIT DATABASE
NVD0day.today
vulmon.comgithub
CVE DetailsTwitter
JVN ENG JPN
Reconshell

Software Tag: Windows(1 tweets) iOS(1 tweets)

List of frequently cited URLs

URLNum of Times Referred to
https://alerts.vulmon.com/?utm_source=twitter&utm_medium=so...200
https://cvetrends.com53
https://msrc-blog.microsoft.com/2022/05/09/vulnerability-mi...21
https://thehackernews.com/2022/05/microsoft-mitigates-rce-v...7
https://twitter.com/BleepinComputer/status/15237201971605094424
https://orca.security/resources/blog/azure-synapse-analytic...3

▼ Show Information from Twitter(106)

List of frequently cited URLs

URLNum of Times Referred to
alerts.vulmon.com200
cvetrends.com53
msrc-blog.microsoft.com21
thehackernews.com7
twitter.com4
orca.security3

▼ Show Information from Twitter(106)

GitHub Search Results: Up to 10
NameURL
No Data
GitHub Search Results: Up to 10
NameURL
No Data
2022/06/15 Score : 1
Added Har-sia Database : 2022/05/10
Last Modified : 2022/06/15
Highest Scored Date : 2022/05/10
Highest Score : 55