How severe is CVE-2024-12746?

CVE-2024-12746 has a CVSS v3 score of 8 (HIGH).

CVE-2024-12746

Name: redshift_odbc_driver
Author: amazon

8.0HIGH

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 (Windows or Linux) allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrad

Published: 12/24/2024Updated: 12/11/2025

Description

A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 (Windows or Linux) allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0.

AI AnalysisPowered by AI

Affected Products

amazonredshift_odbc_driver

2.1.5.0

References

https://aws.amazon.com/security/security-bulletins/AWS-2024-015/
Vendor Advisory
https://github.com/aws/amazon-redshift-odbc-driver/releases/tag/v2.1.6
Release Notes
https://github.com/aws/amazon-redshift-odbc-driver/security/advisories/GHSA-g63m-5vjv-wr3v
Vendor Advisory