CVE-2018-14669

ClickHouse MySQL client before versions 1.1.54390 had "LOAD DATA LOCAL INFILE" functionality enabled that allowed a malicious MySQL database read arbitrary files from the connected ClickHouse server.
References
Link Resource
https://clickhouse.yandex/docs/en/security_changelog/ Release Notes Vendor Advisory
Configurations

Configuration 1

cpe:2.3:a:yandex:clickhouse:*:*:*:*:*:*:*:*

Information

Published : 2019-08-15 06:15

Updated : 2019-08-28 04:37


NVD link : CVE-2018-14669

Mitre link : CVE-2018-14669

Products Affected
No products.
CWE