medium

Privilege escalation in GCP Cloud SQL

Published Fri, Jun 2nd, 2023

Platforms

Summary

A vulnerability was discovered in Cloud SQL for SQL Server that allowed customer administrator accounts to create triggers in the tempdb database and use those to gain sysadmin privileges in the instance. The sysadmin privileges would give the attacker access to system databases and partial access to the machine running that SQL Server instance.

Affected Services

Cloud SQL

Remediation

None required

Tracked CVEs

No tracked CVEs

References

https://cloud.google.com/support/bulletins#GCP-2023-007 https://cloud.google.com/sql/docs/security-bulletins#gcp-2023-007

Contributed by https://github.com/ramimac

Entry Status

Finalized

Disclosure Date

Exploitablity Period

Known ITW Exploitation

Detection Methods

Piercing Index Rating

Discovered by

More vulnerabilities...

high

Cloud SQL for SQL Server privilege escalation

A vulnerability discovered in GCP's Cloud SQL service allowed customer administrator accounts to create triggers in the tempdb database and use those to gain sysadmin privileges in the instance. Th...

Dig

Wed, May 24th, 2023

high

API Management SSRF and path traversal vulnerabilities

Azure API Management is an API gateway service meant to help organizations to create, manage, secure, and monitor APIs across all of their environments. Researchers found three high severity vulner...

Liv Matan, Ermetic

Thu, May 4th, 2023

low

MFA enforcement IAM policy bypass

An AWS-recommended IAM policy that enforced MFA on access keys could have been bypassed due to a change implemented by AWS in November 2022 that allowed IAM users to assign multiple MFA devices to ...

Justin Moorcroft, MWR CyberSec

Tue, Apr 25th, 2023

View all