Researchers have disclosed 7 new security vulnerabilities in an open-source database management system called ClickHouse that could be weaponized to crash the servers, leak memory contents, and even lead to the execution of arbitrary code.
“The vulnerabilities require authentication, but can be triggered by any user with read permissions,” Uriya Yavnieli and Or Peles, researchers from DevSecOps firm JFrog, said in a report published Tuesday.
“This means the attacker must perform reconnaissance on the specific ClickHouse server target to obtain valid credentials. Any set of credentials would do, since even a user with the lowest privileges can trigger all of the vulnerabilities.”
The list of 7 flaws is below:
- CVE-2021-43304 and CVE-2021-43305 (CVSS scores: 8.8) – Heap buffer overflow flaws in the LZ4 compression codec that could lead to remote code execution
- CVE-2021-42387 and CVE-2021-42388 (CVSS scores: 7.1) – Heap out-of-bounds read flaws in the LZ4 compression codec that could lead to denial-of-service or information leakage
- CVE-2021-42389 (CVSS score: 6.5) – A divide-by-zero flaw in the Delta compression codec that could result in a denial-of-service condition
- CVE-2021-42390 (CVSS score: 6.5) – A divide-by-zero flaw in the DeltaDouble compression codec that could result in a denial-of-service condition
- CVE-2021-42391 (CVSS score: 6.5) – A divide-by-zero flaw in the Gorilla compression codec that could result in a denial-of-service condition
An attacker can take advantage of any of the aforementioned flaws by using a specially crafted compressed file to crash a vulnerable database server. ClickHouse users are advised to upgrade to version “v188.8.131.52-secure” or later to mitigate the issues.
The findings come a month after JFrog disclosed details of a high-severity security vulnerability in Apache Cassandra (CVE-2021-44521, CVSS score: 8.4) that, if left unaddressed, could be abused to gain remote code execution (RCE) on affected installations.