CVE-2024-49194 | Databricks JDBC Driver up to 2.6.39 JNDI krbJAASFile injection

Posted by Angelo Barbosa | Dec 18, 2024 | CVE

A vulnerability was found in Databricks JDBC Driver up to 2.6.39. It has been classified as critical. This affects an unknown part of the component JNDI Handler. The manipulation of the argument krbJAASFile leads to injection.

This vulnerability is uniquely identified as CVE-2024-49194. It is possible to initiate the attack remotely. There is no exploit available.

It is recommended to upgrade the affected component.

CVE-2024-49194 | Databricks JDBC Driver up to 2.6.39 JNDI krbJAASFile injection

Related Posts

CVE-2024-27518 | SUPERAntiSpyware Professional X 10.0.1262/10.0.1264 uncontrolled search path

CVE-2024-2087 | Brizy Plugin up to 2.4.43 on WordPress Form cross site scripting

CVE-2024-34067 | Pterodactyl Panel up to 1.11.5 cross site scripting

CVE-2024-9878 | 10Web Photo Gallery Plugin up to 1.8.30 on WordPress cross site scripting