CVE-2018-14668

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.
References
Link Resource
https://clickhouse.yandex/docs/en/security_changelog/ Release Notes Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:yandex:clickhouse:*:*:*:*:*:*:*:*

Information

Published : 2019-08-15 06:15

Updated : 2019-08-29 04:17


NVD link : CVE-2018-14668

Mitre link : CVE-2018-14668

Products Affected
No products.
CWE