Unrated severityNVD Advisory· Published Dec 24, 2024· Updated Oct 14, 2025
SQL Injection in the Amazon Redshift ODBC Driver affecting v2.1.5.0
CVE-2024-12746
Description
A SQL injection in the Amazon Redshift ODBC Driver v2.1.5.0 (Windows or Linux) allows a user to gain escalated privileges via the SQLTables or SQLColumns Metadata APIs. Users are recommended to upgrade to the driver version 2.1.6.0 or revert to driver version 2.1.4.0.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
2= 2.1.5.0+ 1 more
- (no CPE)range: = 2.1.5.0
- (no CPE)range: 2.1.5.0
Patches
Vulnerability mechanics
References
3- github.com/aws/amazon-redshift-odbc-driver/releases/tag/v2.1.6mitrepatch
- aws.amazon.com/security/security-bulletins/AWS-2024-015/mitrevendor-advisory
- github.com/aws/amazon-redshift-odbc-driver/security/advisories/GHSA-g63m-5vjv-wr3vmitrevendor-advisory
News mentions
0No linked articles in our index yet.