google / tsunami-security-scanner-plugins

This project aims to provide a central repository for many useful Tsunami Security Scanner plugins.
Apache License 2.0
860 stars 178 forks

AI PRP: clickhouse exposed API with weak/default credentials #464

Open lanced00m opened 2 months ago

lanced00m commented 2 months ago

One of the main use cases of ClickHouse is in Machine Learning & GenAI. The default username and password exist for ClickHouse, especially when you set it up with Docker containers.

Docker Hub: https://hub.docker.com/r/clickhouse/clickhouse-server/
Documentation: https://clickhouse.com/docs/en/install#from-docker-image
GitHub repository: https://github.com/ClickHouse/ClickHouse

Also, there is a simple UI that is part of the main API: [screenshot]
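Added example, not part of this issue and not code from the Tsunami plugin repository: a minimal Python probe of the ClickHouse HTTP interface that tries the out-of-the-box account the report is about. It assumes the server exposes its HTTP port (8123 by default), that ClickHouse reads credentials from the `X-ClickHouse-User` / `X-ClickHouse-Key` request headers, that a successful query is returned as TabSeparated text, and that a rejected login carries ClickHouse error code 516 (`AUTHENTICATION_FAILED`) in the body. The credential list, the `ProbeResult` type and the helper names are this example's own.

```python
# Added example (not from the issue or the Tsunami plugin repository): probe a
# ClickHouse HTTP endpoint for the default account. Assumptions: HTTP interface
# on the target URL, X-ClickHouse-User / X-ClickHouse-Key headers for auth,
# TabSeparated output for a successful query, "Code: 516" on rejected logins.
import sys
import urllib.error
import urllib.parse
import urllib.request
from dataclasses import dataclass
from typing import List, Optional, Tuple

# Account a fresh container ships with (assumption: user "default", empty
# password, which is the weak/default state the report describes).
DEFAULT_CREDENTIALS: List[Tuple[str, str]] = [("default", "")]

# Harmless fingerprint query: the user we are logged in as and the server version.
PROBE_QUERY = "SELECT currentUser(), version()"


@dataclass
class ProbeResult:
    user: str
    authenticated: bool
    version: Optional[str] = None
    detail: str = ""


def build_request(base_url: str, user: str, password: str,
                  query: str = PROBE_QUERY) -> urllib.request.Request:
    """Build the GET request the ClickHouse HTTP interface expects."""
    url = f"{base_url.rstrip('/')}/?query={urllib.parse.quote(query, safe='')}"
    req = urllib.request.Request(url)
    req.add_header("X-ClickHouse-User", user)
    req.add_header("X-ClickHouse-Key", password)
    return req


def classify_response(user: str, status: int, body: str) -> ProbeResult:
    """Turn the HTTP status and body returned for PROBE_QUERY into a verdict.

    A successful query yields one TabSeparated row: "<user>\t<version>".
    A rejected login yields a non-200 status with "Code: 516" in the body.
    Anything else is reported as not authenticated, keeping the raw detail.
    """
    stripped = body.strip()
    first_line = stripped.splitlines()[0] if stripped else ""
    fields = first_line.split("\t")
    if status == 200 and len(fields) == 2 and fields[0] == user:
        return ProbeResult(user, True, version=fields[1], detail=first_line)
    if "Code: 516" in body or "Authentication failed" in body:
        return ProbeResult(user, False, detail="authentication rejected")
    return ProbeResult(user, False,
                       detail=f"unexpected response ({status}): {first_line[:80]}")


def probe(base_url: str, credentials=DEFAULT_CREDENTIALS,
          timeout: float = 5.0) -> List[ProbeResult]:
    """Try each credential pair against a live server (this makes network calls)."""
    results = []
    for user, password in credentials:
        req = build_request(base_url, user, password)
        try:
            with urllib.request.urlopen(req, timeout=timeout) as resp:
                status, body = resp.status, resp.read().decode("utf-8", "replace")
        except urllib.error.HTTPError as err:
            # ClickHouse reports query and auth errors with a non-2xx status
            # and the exception text in the body; keep both for classification.
            status, body = err.code, err.read().decode("utf-8", "replace")
        results.append(classify_response(user, status, body))
    return results


if __name__ == "__main__":
    target = sys.argv[1] if len(sys.argv) > 1 else "http://127.0.0.1:8123"
    for r in probe(target):
        verdict = "VULNERABLE" if r.authenticated else "ok"
        print(f"{verdict}: user={r.user!r} {r.detail}")
```

Run it as `python probe.py http://host:8123`; a line starting with `VULNERABLE` means the default account logged in and answered the fingerprint query, which is the finding a Tsunami plugin for this issue would report. The fix on the deployment side is to set a password for the default user (the official image accepts `CLICKHOUSE_USER` and `CLICKHOUSE_PASSWORD` environment variables) and not to expose port 8123 beyond the hosts that need it.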

maoning commented 2 months ago

@lanced00m does the ClickHouse API support arbitrary command execution, or just SQL commands?

lanced00m commented 2 months ago

@maoning I didn't find a way to execute an OS command with the help of SQL commands, but it is still a critical bug.