CVE-2024-43382

MEDIUM

5.9

Beschreibung

Snowflake JDBC driver versions >= 3.2.6 and <= 3.19.1 have an Incorrect Security Setting that can result in data being uploaded to an encrypted stage without the additional layer of protection provided by client side encryption.

CVE Details

CVSS v3.1 Bewertung5.9

SchweregradMEDIUM

CVSS VektorCVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:N

AngriffsvektorNETWORK

KomplexitatHIGH

Erforderliche PrivilegienHIGH

BenutzerinteraktionNONE

Veroffentlicht10/30/2024

Zuletzt geandert8/20/2025

Quellenvd

Honeypot-Sichtungen0

Betroffene Produkte

snowflake:snowflake_jdbc

Schwachen (CWE)

CWE-326

Referenzen

https://github.com/snowflakedb/snowflake-jdbc/security/advisories/GHSA-f686-hw9c-xw9c(cve@mitre.org)

IOC Korrelationen

Keine Korrelationen erfasst

This product uses data from the NVD API but is not endorsed or certified by the NVD.