← Volver a CVEs
CVE-2026-35562
HIGH7.5
Descripcion
Allocation of resources without limits in the parsing components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to cause a denial of service by delivering crafted input that triggers excessive resource consumption during the driver's parsing operations. To remediate this issue, users should upgrade to version 2.1.0.0.
Detalles CVE
Puntuacion CVSS v3.17.5
SeveridadHIGH
Vector CVSSCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Vector de ataqueNETWORK
ComplejidadLOW
Privilegios requeridosNONE
Interaccion usuarioNONE
Publicado4/3/2026
Ultima modificacion4/3/2026
Fuentenvd
Avistamientos honeypot0
Debilidades (CWE)
CWE-770
Referencias
https://aws.amazon.com/security/security-bulletins/2026-013-aws/(ff89ba41-3aa1-4d27-914a-91399e9639e5)
https://docs.aws.amazon.com/athena/latest/ug/odbc-v2-driver-release-notes.html(ff89ba41-3aa1-4d27-914a-91399e9639e5)
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Linux/AmazonAthenaODBC-2.1.0.0.rpm(ff89ba41-3aa1-4d27-914a-91399e9639e5)
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/Intel/AmazonAthenaODBC-2.1.0.0_x86.pkg(ff89ba41-3aa1-4d27-914a-91399e9639e5)
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Mac/arm/AmazonAthenaODBC-2.1.0.0_arm.pkg(ff89ba41-3aa1-4d27-914a-91399e9639e5)
https://downloads.athena.us-east-1.amazonaws.com/drivers/ODBC/v2.1.0.0/Windows/AmazonAthenaODBC-2.1.0.0.msi(ff89ba41-3aa1-4d27-914a-91399e9639e5)
Correlaciones IOC
Sin correlaciones registradas
This product uses data from the NVD API but is not endorsed or certified by the NVD.