Research has shown that Google Cloud Platform's CloudSQL service, which supports database engines such as MySQL, PostgreSQL, and SQL Server, has a critical vulnerability that could expose sensitive customer data. The vulnerability enables escalation of initial privilege by adding the user/dbrootrole, making it possible to bypass security barriers and gain complete control of the database engine and host. This could lead to a major security incident or a breach of sensitive data. The vulnerability was identified and fixed through the Google VRP (Vulnerability Reward Program).
Share with your friends and followers
Start blogging about your favorite technologies, reach more readers and earn rewards!
Join other developers and claim your FAUN account now!
Only registered users can post comments. Please, login or signup.