CVE-2022-41828

HIGH

Amazon AWS Redshift JDBC Driver <2.1.0.8 - Code Injection


Exploitation Summary

EIP tracks 1 public exploit for CVE-2022-41828. PoCs published by murataydemir.

AI-analyzed exploit summary: This repository provides a detailed writeup and patch analysis for CVE-2022-41828, a remote code execution vulnerability in the Amazon AWS Redshift JDBC Driver. The vulnerability arises from improper class instantiation without interface verification, allowing arbitrary Java class loading via JDBC URL manipulation.

Description

In Amazon AWS Redshift JDBC Driver (aka amazon-redshift-jdbc-driver or redshift-jdbc42) before 2.1.0.8, the Object Factory does not check the class type when instantiating an object from a class name.
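The pattern behind this description, as an added illustration (not the driver's own code): a factory that instantiates whatever class name it is handed, next to the hardened form that resolves the class without initializing it and verifies assignability to the expected interface before construction. The names SslFactory, DefaultSslFactory, instantiateUnchecked and instantiateChecked are hypothetical.

```java
// Added example for CVE-2022-41828 / CWE-704; not the Redshift driver's code.
// Shows the defect class described on this page: building an object from a
// caller-controlled class name without checking its type, and the fix.
public class ObjectFactoryDemo {

    /** Hypothetical plugin interface the factory is expected to return. */
    public interface SslFactory { String describe(); }

    /** A legitimate implementation a caller is allowed to select. */
    public static class DefaultSslFactory implements SslFactory {
        public String describe() { return "default"; }
    }

    /** Vulnerable pattern: any class on the classpath gets loaded and built. */
    public static Object instantiateUnchecked(String className) throws Exception {
        Class<?> clazz = Class.forName(className);        // runs static initializers
        return clazz.getDeclaredConstructor().newInstance(); // runs the constructor
    }

    /** Hardened pattern: resolve without initializing, check type, then build. */
    public static <T> T instantiateChecked(String className, Class<T> expected) throws Exception {
        Class<?> clazz = Class.forName(className, false, ObjectFactoryDemo.class.getClassLoader());
        if (!expected.isAssignableFrom(clazz)) {
            throw new IllegalArgumentException(className + " is not a " + expected.getName());
        }
        return expected.cast(clazz.getDeclaredConstructor().newInstance());
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample input: a class name as it might arrive in a URL parameter.
        String fromUrl = "java.util.ArrayList";

        Object o = instantiateUnchecked(fromUrl);
        System.out.println("unchecked built: " + o.getClass().getName()); // unrelated type accepted

        try {
            instantiateChecked(fromUrl, SslFactory.class);
        } catch (IllegalArgumentException e) {
            System.out.println("checked rejected: " + e.getMessage());
        }

        SslFactory ok = instantiateChecked(DefaultSslFactory.class.getName(), SslFactory.class);
        System.out.println("checked accepted: " + ok.describe());
    }
}
```

The check must happen before `newInstance()`: once a constructor or static initializer has run, rejecting the result is too late.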

Exploits (1)

nomisec WRITEUP 4 stars
by murataydemir · poc
https://github.com/murataydemir/CVE-2022-41828

Classification
Writeup 100%
Attack Type
RCE
Complexity
Moderate
Reliability
Reliable
Target: Amazon Redshift JDBC Driver (redshift-jdbc42) <= 2.1.0.7
No auth needed
Prerequisites: Attacker control over JDBC connection URL · Use of vulnerable JDBC driver version
Analyzed by devstral-2 on Feb 16, 2026

Scores

CVSS v3 8.1
EPSS 0.0964
EPSS Percentile 93.1%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H

CISA SSVC

Vulnrichment
Exploitation none
Automatable no
Technical Impact partial

Details

CWE
CWE-704
Status published
Products (2)
amazon/amazon_web_services_redshift_java_database_connectivity_driver < 2.1.0.8
com.amazon.redshift/redshift-jdbc42 0 - 2.1.0.8 (Maven)
Published Sep 29, 2022
Tracked Since Feb 18, 2026