ClickHouse < 1.1.54390

🗓️ 24 Feb 2025 00:00:00Reported by TenableType

ClickHouse versions prior to 1.1.54390 vulnerable to arbitrary file read attacks.

Reporter	Title	Published	Views	Family All 12
ClickHouse	Fixed in ClickHouse Release 1.1.54390, 2018-07-06	6 Jul 201800:00	–	clickhouse
ClickHouse	CVE-2018-14669	6 Jul 201800:00	–	clickhouse
CNVD	Yandex ClickHouse MySQL client information disclosure vulnerability	15 Aug 201900:00	–	cnvd
CVE	CVE-2018-14669	15 Aug 201917:39	–	cve
Cvelist	CVE-2018-14669	15 Aug 201917:39	–	cvelist
EUVD	EUVD-2018-6563	7 Oct 202500:30	–	euvd
NVD	CVE-2018-14669	15 Aug 201918:15	–	nvd
OSV	UBUNTU-CVE-2018-14669	15 Aug 201918:15	–	osv
Prion	Code injection	15 Aug 201918:15	–	prion
Positive Technologies	PT-2019-9040 · Clickhouse · Clickhouse Mysql Client	15 Aug 201900:00	–	ptsecurity

Source	Link
clickhouse	www.clickhouse.yandex/docs/en/security_changelog/
cve	www.cve.mitre.org/cgi-bin/cvename.cgi

#%NASL_MIN_LEVEL 80900

##
# Tenable, Inc.
##

include('compat.inc');

if (description)
{
  script_id(216692);
  script_version("1.2");
  script_set_attribute(attribute:"plugin_modification_date", value:"2025/02/25");

  script_cve_id("CVE-2018-14669");

  script_name(english:"ClickHouse < 1.1.54390");

  script_set_attribute(attribute:"synopsis", value:
"The remote host is affected by a vulnerability.");
  script_set_attribute(attribute:"description", value:
"The version of ClickHouse installed on the remote host is prior to 1.1.54390. It is, therefore, affected by an
arbitrary file read vulnerability. ClickHouse MySQL client before versions 1.1.54390 had LOAD DATA LOCAL INFILE 
functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server.

Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.");
  script_set_attribute(attribute:"see_also", value:"https://clickhouse.yandex/docs/en/security_changelog/");
  script_set_attribute(attribute:"solution", value:
"Upgrade to ClickHouse version 1.1.54390 or later.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N");
  script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
  script_set_attribute(attribute:"cvss_score_source", value:"CVE-2018-14669");

  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(200);

  script_set_attribute(attribute:"vuln_publication_date", value:"2019/08/15");
  script_set_attribute(attribute:"patch_publication_date", value:"2019/08/15");
  script_set_attribute(attribute:"plugin_publication_date", value:"2025/02/24");

  script_set_attribute(attribute:"plugin_type", value:"remote");
  script_set_attribute(attribute:"cpe", value:"cpe:/a:yandex:clickhouse");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_family(english:"Misc.");

  script_copyright(english:"This script is Copyright (C) 2025 and is owned by Tenable, Inc. or an Affiliate thereof.");

  script_dependencies("clickhouse_web_detect.nbin");
  script_require_keys("installed_sw/ClickHouse");

  exit(0);
}

include('vcf.inc');

var app_info = vcf::get_app_info(app:'ClickHouse');
var constraints = [
    { 'min_version':'1.0', 'fixed_version':'1.1.54390' },
];

vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_WARNING);

25 Feb 2025 00:00Current

7.5High risk

Vulners AI Score7.5

CVSS 25

CVSS 37.5

EPSS0.00439