4 matches found
ClickHouse < 1.1.54388
The version of ClickHouse installed on the remote host is prior to 1.1.54388. It is, therefore, affected by a Cross Protocol Request Forgery vulnerability. In ClickHouse before 1.1.54388, remote table function allowed arbitrary symbols in user, password and defaultdatabase fields which led to Cro...
CVE-2018-14668
In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...
CVE-2018-14668
In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "defaultdatabase" fields which led to Cross Protocol Request Forgery Attacks...
CVE-2018-14668
CVE-2018-14668 affects ClickHouse versions before 1.1.54388. The vulnerability arises from the remote table function allowing arbitrary symbols in the fields “user”, “password”, and “default_database,” enabling Cross Protocol Request Forgery Attacks. The available connected documents confirm the ...