Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

SQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31 - How can we verify that we have updated the JDBC Driver in all the affected places?

0

Regarding this update: Published: 2024-12-24 Updated: 2024-12-26 Title: SQL Injection in the Amazon Redshift JDBC Driver affecting v2.1.0.31

Description A SQL injection in the Amazon Redshift JDBC Driver in v2.1.0.31 allows a user to gain escalated privileges via the getSchemas, getTables, or getColumns Metadata APIs. Users should upgrade to the driver version 2.1.0.32 or revert to driver version 2.1.0.30.

How can we verify that we have updated the JDBC Driver in all the affected places?

Topics
Analytics
Tags
Amazon Redshift
Language
English
asked a year ago63 views
1 Answer
1

Hi, You can use database auditing with the help of Amazon Redshift logs to gather information about clients connecting to your cluster. Hopefully this will help you to identify them and make the necessary updates to the driver. Please refer the documentation below for details.

https://docs.aws.amazon.com/redshift/latest/mgmt/db-auditing.html

AWS
answered a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content