CVE-2024-55551
An issue was discovered in Exasol JDBC driver before 24.2.1 (2024-12-10). Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection when the JDBC driver uses this URL to connect to the database. This can further lead to remote code execution.
Vendor
Product
CWE
Published Date
2025-03-19 14:15:37
Updated
2025-09-26 16:33:56
Source Identifier
cve@mitre.org
KEV Date Added
-
Categories
References
https://docs.exasol.com/db/7.1/release_notes_drivers_jdbc/24.2.1.htm
https://docs.exasol.com/db/latest/connect_exasol/drivers/jdbc.htm
https://gist.github.com/azraelxuemo/9565ec9219e0c3e9afd5474904c39d0f
https://www.blackhat.com/eu-24/briefings/schedule/index.html#a-novel-attack-surface-java-authentication-and-authorization-service-jaas-42179