CVE-2018-14668

See a problem?
Please try reporting it to the source first.
Source
https://cve.org/CVERecord?id=CVE-2018-14668
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14668.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2018-14668
Downstream
Published
2019-08-15T18:15:13.693Z
Modified
2026-03-12T22:55:49.535481Z
Severity
  • 8.8 (High) CVSS_V3 - CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator
Summary
[none]
Details

In ClickHouse before 1.1.54388, "remote" table function allowed arbitrary symbols in "user", "password" and "default_database" fields which led to Cross Protocol Request Forgery Attacks.

References

Affected packages

Git / github.com/clickhouse/clickhouse

Affected ranges

Type
GIT
Repo
https://github.com/clickhouse/clickhouse
Events
Introduced
0 Unknown introduced commit / All previous commits are affected
Fixed
e03d523f191e97907e2252199c71e89291a79e7f
Database specific 
{
    "versions": [
        {
            "introduced": "0"
        },
        {
            "fixed": "1.1.54388"
        }
    ]
}

Affected versions

Other
53973
53974
53975
53976
53977
53978
53979
53980
53981
53982
53983
53984
53985
53986
53987
53988
53989
53990
53991
53992
53993
53994
53995
53996
53997
53998
53999
54000
54001
54002
54003
54004
54005
54006
54007
54008
54009
54010
54011
v1.*
v1.1.1-testing
v1.1.3-testing
v1.1.4-testing
v1.1.5-testing
v1.1.54011-stable
v1.1.54011-testing
v1.1.54012-testing
v1.1.54013-testing
v1.1.54014-testing
v1.1.54015-testing
v1.1.54016-testing
v1.1.54017-testing
v1.1.54018-testing
v1.1.54019-stable
v1.1.54019-testing
v1.1.54020-stable
v1.1.54020-testing
v1.1.54021-testing
v1.1.54022-stable
v1.1.54022-testing
v1.1.54023-stable
v1.1.54023-testing
v1.1.54024-testing
v1.1.54025-testing
v1.1.54026-testing
v1.1.54027-testing
v1.1.54028-testing
v1.1.54029-testing
v1.1.54030-stable
v1.1.54030-testing
v1.1.54031-testing
v1.1.54032-testing
v1.1.54033-testing
v1.1.54034-testing
v1.1.54035-testing
v1.1.54036-testing
v1.1.54037-testing
v1.1.54038-testing
v1.1.54039-testing
v1.1.54040-testing
v1.1.54041-testing
v1.1.54042-testing
v1.1.54043-testing
v1.1.54044-testing
v1.1.54045-testing
v1.1.54047-testing
v1.1.54048-testing
v1.1.54049-testing
v1.1.54050-testing
v1.1.54051-testing
v1.1.54052-testing
v1.1.54053-testing
v1.1.54054-testing
v1.1.54055-testing
v1.1.54056-testing
v1.1.54057-testing
v1.1.54060-testing
v1.1.54064-testing
v1.1.54067-testing
v1.1.54068-testing
v1.1.54069-testing
v1.1.54070-testing
v1.1.54071-testing
v1.1.54072-testing
v1.1.54073-testing
v1.1.54074-stable
v1.1.54074-testing
v1.1.54075-testing
v1.1.54076-testing
v1.1.54077-testing
v1.1.54078-testing
v1.1.54079-testing
v1.1.54080-stable
v1.1.54080-testing
v1.1.54083-stable
v1.1.54083-testing
v1.1.54087-testing
v1.1.54088-testing
v1.1.54090-testing
v1.1.54091-testing
v1.1.54092-testing
v1.1.54093-testing
v1.1.54095-testing
v1.1.54096-testing
v1.1.54097-testing
v1.1.54098-testing
v1.1.54099-testing
v1.1.54100-testing
v1.1.54101-testing
v1.1.54102-testing
v1.1.54103-testing
v1.1.54104-testing
v1.1.54105-testing
v1.1.54106-testing
v1.1.54107-testing
v1.1.54108-testing
v1.1.54109-testing
v1.1.54110-testing
v1.1.54111-testing
v1.1.54112-stable
v1.1.54112-testing
v1.1.54113-testing
v1.1.54114-testing
v1.1.54115-testing
v1.1.54118-testing
v1.1.54119-testing
v1.1.54120-testing
v1.1.54121-testing
v1.1.54122-testing
v1.1.54123-testing
v1.1.54124-testing
v1.1.54125-testing
v1.1.54126-testing
v1.1.54127-stable
v1.1.54127-testing
v1.1.54128-testing
v1.1.54129-testing
v1.1.54130-testing
v1.1.54131-testing
v1.1.54132-testing
v1.1.54133-stable
v1.1.54133-testing
v1.1.54134-stable
v1.1.54134-testing
v1.1.54135-stable
v1.1.54135-testing
v1.1.54136-testing
v1.1.54137-testing
v1.1.54138-testing
v1.1.54139-testing
v1.1.54140-testing
v1.1.54141-testing
v1.1.54142-testing
v1.1.54143-testing
v1.1.54144-stable
v1.1.54144-testing
v1.1.54145-testing
v1.1.54146-testing
v1.1.54147-testing
v1.1.54148-testing
v1.1.54149-testing
v1.1.54150-testing
v1.1.54151-testing
v1.1.54152-testing
v1.1.54153-testing
v1.1.54160-testing
v1.1.54161-testing
v1.1.54162-testing
v1.1.54163-testing
v1.1.54164-testing
v1.1.54165-stable
v1.1.54165-testing
v1.1.54170-testing
v1.1.54171-testing
v1.1.54172-testing
v1.1.54173-testing
v1.1.54178-testing
v1.1.54179-testing
v1.1.54180-testing
v1.1.54181-stable
v1.1.54181-testing
v1.1.54182-testing
v1.1.54183-testing
v1.1.54184-testing
v1.1.54185-testing
v1.1.54186-testing
v1.1.54187-testing
v1.1.54188-stable
v1.1.54188-testing
v1.1.54189-testing
v1.1.54190-stable
v1.1.54190-testing
v1.1.54196-testing
v1.1.54197-testing
v1.1.54198-stable
v1.1.54198-testing
v1.1.54199-testing
v1.1.54200-testing
v1.1.54201-testing
v1.1.54202-testing
v1.1.54203-testing
v1.1.54204-testing
v1.1.54205-testing
v1.1.54206-testing
v1.1.54207-testing
v1.1.54208-testing
v1.1.54209-testing
v1.1.54210-testing
v1.1.54211-testing
v1.1.54212-testing
v1.1.54213-testing
v1.1.54214-testing
v1.1.54215-testing
v1.1.54216-testing
v1.1.54217-testing
v1.1.54218-testing
v1.1.54219-testing
v1.1.54223-testing
v1.1.54225-testing
v1.1.54226-testing
v1.1.54227-testing
v1.1.54228-testing
v1.1.54229-testing
v1.1.54230-testing
v1.1.54232-testing
v1.1.54233-testing
v1.1.54234-testing
v1.1.54236-stable
v1.1.54236-testing
v1.1.54237-testing
v1.1.54238-testing
v1.1.54239-testing
v1.1.54240-testing
v1.1.54241-testing
v1.1.54242-stable
v1.1.54242-testing
v1.1.54243-testing
v1.1.54244-testing
v1.1.54246-testing
v1.1.54247-testing
v1.1.54248-testing
v1.1.54249-testing
v1.1.54250-testing
v1.1.54251-testing
v1.1.54252-testing
v1.1.54253-testing
v1.1.54259-testing
v1.1.54260-testing
v1.1.54261-testing
v1.1.54262-testing
v1.1.54263-testing
v1.1.54264-testing
v1.1.54265-testing
v1.1.54266-testing
v1.1.54267-testing
v1.1.54268-testing
v1.1.54269-testing
v1.1.54270-testing
v1.1.54271-testing
v1.1.54272-testing
v1.1.54273-testing
v1.1.54274-testing
v1.1.54278-testing
v1.1.54279-testing
v1.1.54280-testing
v1.1.54285-testing
v1.1.54286-testing
v1.1.54287-testing
v1.1.54288-testing
v1.1.54290-testing
v1.1.54291-testing
v1.1.54292-stable
v1.1.54292-testing
v1.1.54294-testing
v1.1.54297-testing
v1.1.54300-testing
v1.1.54305-testing
v1.1.54306-testing
v1.1.54307-testing
v1.1.54308-testing
v1.1.54309-testing
v1.1.54310-stable
v1.1.54310-testing
v1.1.54312-testing
v1.1.54314-testing
v1.1.54317-testing
v1.1.54319-testing
v1.1.54322-testing
v1.1.54323-testing
v1.1.54324-testing
v1.1.54325-testing
v1.1.54326-testing
v1.1.54328-testing
v1.1.54329-testing
v1.1.54330-testing
v1.1.54331-testing
v1.1.54332-testing
v1.1.54333-testing
v1.1.54334-testing
v1.1.54335-stable
v1.1.54335-testing
v1.1.54336-stable
v1.1.54336-testing
v1.1.54337-stable
v1.1.54337-testing
v1.1.54338-testing
v1.1.54339-testing
v1.1.54340-testing
v1.1.54341-testing
v1.1.54342-stable
v1.1.54342-testing
v1.1.54343-stable
v1.1.54343-testing
v1.1.54344-testing
v1.1.54345-testing
v1.1.54346-testing
v1.1.54347-testing
v1.1.54348-testing
v1.1.54349-testing
v1.1.54350-testing
v1.1.54351-testing
v1.1.54352-testing
v1.1.54353-testing
v1.1.54354-testing
v1.1.54355-testing
v1.1.54356-testing
v1.1.54357-testing
v1.1.54358-stable
v1.1.54358-testing
v1.1.54359-testing
v1.1.54360-testing
v1.1.54361-testing
v1.1.54362-stable
v1.1.54362-testing
v1.1.54363-testing
v1.1.54364-testing
v1.1.54365-testing
v1.1.54366-testing
v1.1.54367-testing
v1.1.54368-testing
v1.1.54369-testing
v1.1.54370-stable
v1.1.54370-testing
v1.1.54371-testing
v1.1.54372-testing
v1.1.54373-testing
v1.1.54374-testing
v1.1.54375-testing
v1.1.54376-testing
v1.1.54377-testing
v1.1.54378-stable
v1.1.54378-testing
v1.1.54379-testing
v1.1.54380-stable
v1.1.54380-testing
v1.1.54382-testing
v1.1.54386-testing
v1.1.54387-testing
v1.1.6-testing

Database specific

source 
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2018-14668.json"