Cyber Posture

CVE-2024-55551

High

Published: 19 March 2025

Published
19 March 2025
Modified
26 September 2025
KEV Added
Patch
CVSS Score 8.3 CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H
EPSS Score 0.0317 87.0th percentile
Risk Priority 19 60% EPSS · 20% KEV · 20% CVSS

Summary

CVE-2024-55551 is a high-severity MAID (CWE-471) vulnerability in Exasol Jdbc Driver. Its CVSS base score is 8.3 (High).

Operationally, exploitation aligns with the MITRE ATT&CK technique Exploitation for Client Execution (T1203); ranked in the top 13.0% of CVEs by exploit likelihood; it is not currently listed in the CISA KEV catalog.

The strongest mitigations our analysis identified are NIST 800-53 RA-5 (Vulnerability Monitoring and Scanning) and SI-10 (Information Input Validation).

Threat & Defense at a Glance

What attackers do: exploitation maps to Exploitation for Client Execution (T1203). What defenders deploy: see the NIST 800-53 controls recommended below.
Threat & Defense Details

Mitigating Controls (NIST 800-53 r5)AI

SI-2 Flaw Remediation good match
prevent

Directly remediates the JNDI injection vulnerability by requiring timely upgrade of the Exasol JDBC driver to version 24.2.1 or later.

SI-10 Information Input Validation good match
prevent

Validates inputs such as JDBC URLs to block malicious parameters that trigger JNDI injection in the vulnerable driver.

RA-5 Vulnerability Monitoring and Scanning good match
detect

Monitors and scans for vulnerabilities like CVE-2024-55551 in system components including the Exasol JDBC driver.

MITRE ATT&CK Enterprise TechniquesAI

T1203 Exploitation for Client Execution Execution
Adversaries may exploit software vulnerabilities in client applications to execute code.
attack.mitre.org →
Why these techniques?

Vulnerability in Exasol JDBC driver enables JNDI injection via malicious URL leading to RCE in the Java client application process, directly mapping to exploitation for client execution.

Confidence: HIGH · MITRE ATT&CK Enterprise v19.0

NVD Description

An issue was discovered in Exasol JDBC driver before 24.2.1 (2024-12-10). Attackers can inject malicious parameters into the JDBC URL, triggering JNDI injection during the process when the JDBC Driver uses this URL to connect to the database. This can…

more

further lead to remote code execution.

Deeper analysisAI

CVE-2024-55551 affects the Exasol JDBC driver in versions prior to 24.2.1, released on 2024-12-10. The vulnerability enables attackers to inject malicious parameters into a JDBC URL, which triggers JNDI injection during the driver's connection process to the database. This flaw, classified as CWE-471, carries a CVSS v3.1 base score of 8.3 (AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H) and can lead to remote code execution.

Exploitation targets users or applications that process untrusted JDBC URLs with the vulnerable driver. An attacker with network access must employ high-complexity techniques and rely on user interaction, such as tricking a victim into supplying or using a malicious URL in a Java application connecting to Exasol. Successful JNDI injection allows remote code execution in the context of the application process, with elevated scope impacting confidentiality, integrity, and availability at a high level.

Exasol mitigates this issue in JDBC driver version 24.2.1, as detailed in the official release notes. Administrators should upgrade to this version or later and review connection handling practices, per the driver documentation. Additional technical details, including a proof-of-concept, appear in a GitHub gist, with related context in a Black Hat Europe 2024 briefing on Java Authentication and Authorization Service (JAAS) attack surfaces.

Details

CWE(s)
CWE-471

Affected Products

exasol
jdbc driver
≤ 24.2.1

References