CVE-2024-23689 - OpenCVE

Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.

Attack Vector Network

Attack Complexity Low

Privileges Required Low

Scope Unchanged

Confidentiality Impact High

Integrity Impact High

Availability Impact High

User Interaction None

No CVSS v3.0

No CVSS v2

Vendors & Products
CPE Configurations

Vendors	Products
Clickhouse	Java Libraries

Configuration 1 [-]

cpe:2.3:a:clickhouse:java_libraries:*:*:*:*:*:*:*:*

References

Link	Resource
https://github.com/ClickHouse/clickhouse-java/issues/1331	Exploit Issue Tracking
https://github.com/ClickHouse/clickhouse-java/pull/1334	Issue Tracking Patch
https://github.com/ClickHouse/clickhouse-java/releases/tag/v0.4.6	Release Notes
https://github.com/ClickHouse/clickhouse-java/security/advisories/GHSA-g8ph-74m6-8m7r	Vendor Advisory
https://github.com/advisories/GHSA-g8ph-74m6-8m7r	Third Party Advisory
https://vulncheck.com/advisories/vc-advisory-GHSA-g8ph-74m6-8m7r	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: VulnCheck

Published: 2024-01-19T21:02:29.558Z

Updated: 2024-01-19T21:02:29.558Z

Reserved: 2024-01-19T17:35:14.200Z

Link: CVE-2024-23689

JSON object: View

NVD Information

Status : Analyzed

Published: 2024-01-19T21:15:10.520

Modified: 2024-01-26T14:50:45.023

Link: CVE-2024-23689

JSON object: View

Redhat Information

No data.

CWE

CWE-209

{"dataType": "CVE_RECORD", "dataVersion": "5.0", "cveMetadata": {"cveId": "CVE-2024-23689", "assignerOrgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "state": "PUBLISHED", "assignerShortName": "VulnCheck", "dateReserved": "2024-01-19T17:35:14.200Z", "datePublished": "2024-01-19T21:02:29.558Z", "dateUpdated": "2024-01-19T21:02:29.558Z"}, "containers": {"cna": {"affected": [{"collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "com.clickhouse:clickhouse-r2dbc", "versions": [{"lessThan": "0.4.6", "status": "affected", "version": "0", "versionType": "maven"}]}, {"collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "com.clickhouse:clickhouse-jdbc", "versions": [{"lessThan": "0.4.6", "status": "affected", "version": "0", "versionType": "maven"}]}, {"collectionURL": "https://repo.maven.apache.org/maven2", "defaultStatus": "unaffected", "packageName": "com.clickhouse:clickhouse-client", "versions": [{"lessThan": "0.4.6", "status": "affected", "version": "0", "versionType": "maven"}]}], "descriptions": [{"lang": "en", "supportingMedia": [{"base64": false, "type": "text/html", "value": "<p>Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.</p>"}], "value": "Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.\n\n"}], "problemTypes": [{"descriptions": [{"cweId": "CWE-209", "description": "CWE-209 Generation of Error Message Containing Sensitive Information", "lang": "en", "type": "CWE"}]}], "providerMetadata": {"orgId": "83251b91-4cc7-4094-a5c7-464a1b83ea10", "shortName": "VulnCheck", "dateUpdated": "2024-01-19T21:02:29.558Z"}, "references": [{"tags": ["vendor-advisory"], "url": "https://github.com/ClickHouse/clickhouse-java/security/advisories/GHSA-g8ph-74m6-8m7r"}, {"tags": ["issue-tracking"], "url": "https://github.com/ClickHouse/clickhouse-java/issues/1331"}, {"tags": ["patch"], "url": "https://github.com/ClickHouse/clickhouse-java/pull/1334"}, {"tags": ["related"], "url": "https://github.com/ClickHouse/clickhouse-java/releases/tag/v0.4.6"}, {"tags": ["third-party-advisory"], "url": "https://github.com/advisories/GHSA-g8ph-74m6-8m7r"}, {"tags": ["third-party-advisory"], "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-g8ph-74m6-8m7r"}], "source": {"discovery": "INTERNAL"}, "title": "ClickHouse Client Certificate Password Exposure"}}}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:clickhouse:java_libraries:*:*:*:*:*:*:*:*", "matchCriteriaId": "F7EFEC79-6EFB-4FCD-A772-C6A600512D6A", "versionEndExcluding": "0.4.6", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Exposure of sensitive information in exceptions in ClichHouse's clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc, and com.clickhouse:clickhouse-client versions less than 0.4.6 allows unauthorized users to gain access to client certificate passwords via client exception logs. This occurs when 'sslkey' is specified and an exception, such as a ClickHouseException or SQLException, is thrown during database operations; the certificate password is then included in the logged exception message.\n\n"}, {"lang": "es", "value": "La exposici\u00f3n de informaci\u00f3n confidencial en excepciones en las versiones clickhouse-r2dbc, com.clickhouse:clickhouse-jdbc y com.clickhouse:clickhouse-client de ClichHouse inferiores a 0.4.6 permite a usuarios no autorizados obtener acceso a las contrase\u00f1as de los certificados del cliente a trav\u00e9s de los registros de excepciones del cliente. Esto ocurre cuando se especifica 'sslkey' y se genera una excepci\u00f3n, como ClickHouseException o SQLException, durante las operaciones de la base de datos; la contrase\u00f1a del certificado se incluye en el mensaje de excepci\u00f3n registrado."}], "id": "CVE-2024-23689", "lastModified": "2024-01-26T14:50:45.023", "metrics": {"cvssMetricV31": [{"cvssData": {"attackComplexity": "LOW", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "baseScore": 8.8, "baseSeverity": "HIGH", "confidentialityImpact": "HIGH", "integrityImpact": "HIGH", "privilegesRequired": "LOW", "scope": "UNCHANGED", "userInteraction": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H", "version": "3.1"}, "exploitabilityScore": 2.8, "impactScore": 5.9, "source": "nvd@nist.gov", "type": "Primary"}]}, "published": "2024-01-19T21:15:10.520", "references": [{"source": "disclosure@vulncheck.com", "tags": ["Exploit", "Issue Tracking"], "url": "https://github.com/ClickHouse/clickhouse-java/issues/1331"}, {"source": "disclosure@vulncheck.com", "tags": ["Issue Tracking", "Patch"], "url": "https://github.com/ClickHouse/clickhouse-java/pull/1334"}, {"source": "disclosure@vulncheck.com", "tags": ["Release Notes"], "url": "https://github.com/ClickHouse/clickhouse-java/releases/tag/v0.4.6"}, {"source": "disclosure@vulncheck.com", "tags": ["Vendor Advisory"], "url": "https://github.com/ClickHouse/clickhouse-java/security/advisories/GHSA-g8ph-74m6-8m7r"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://github.com/advisories/GHSA-g8ph-74m6-8m7r"}, {"source": "disclosure@vulncheck.com", "tags": ["Third Party Advisory"], "url": "https://vulncheck.com/advisories/vc-advisory-GHSA-g8ph-74m6-8m7r"}], "sourceIdentifier": "disclosure@vulncheck.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-209"}], "source": "nvd@nist.gov", "type": "Primary"}, {"description": [{"lang": "en", "value": "CWE-209"}], "source": "disclosure@vulncheck.com", "type": "Secondary"}]}