Vulnerability Information
Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.
Vulnerability Title
Insufficient authentication security controls in browser-based authentication components in Amazon Athena ODBC driver
Vulnerability Description
Insufficient authentication security controls in the browser-based authentication components in Amazon Athena ODBC driver before 2.1.0.0 might allow a threat actor to intercept or hijack authentication sessions due to insufficient protections in the browser-based authentication flows. To remediate this issue, users should upgrade to version 2.1.0.0.
CVSS Information
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
Vulnerability Type
授权机制缺失
Vulnerability Title
Amazon Athena ODBC driver 安全漏洞
Vulnerability Description
Amazon Athena ODBC driver是美国亚马逊(Amazon)公司的一款数据库连接驱动程序。 Amazon Athena ODBC driver 2.1.0.0之前版本存在安全漏洞,该漏洞源于基于浏览器的身份验证组件中身份验证安全控制不足,可能导致攻击者拦截或劫持身份验证会话。
CVSS Information
N/A
Vulnerability Type
N/A