
Cloud Vulnerability DB
A community-led vulnerabilities database
CVE-2022-29972 is an argument injection vulnerability discovered in the browser-based authentication component of the Magnitude Simba Amazon Redshift ODBC Driver, affecting versions 1.4.14 through 1.4.21.1001 and 1.4.22 through 1.4.x before 1.4.52. The vulnerability was reported on January 4, 2022, and was fully mitigated by April 15, 2022 (MSRC Blog).
The vulnerability is classified as an argument injection flaw (CWE-88) that could allow a local user to execute arbitrary code. It received a CVSS v3.1 base score of 7.8 (HIGH) with the vector string CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H, indicating local access requirements but high impact potential across confidentiality, integrity, and availability (NVD).
The vulnerability could allow an attacker to perform remote command execution across Integration Runtime (IR) infrastructure, not limited to a single tenant. In Azure environments, this could lead to the acquisition of Azure Data Factory service certificates and enable command execution in other tenants' Azure Data Factory Integration Runtimes (MSRC Blog).
Microsoft fully mitigated the vulnerability on April 15, 2022, through multiple actions including: mitigating remote command execution in the impacted driver, reducing job execution privileges in the Azure Integration Runtime, adding extra validation layers, rotating and revoking backend service certificates, and implementing activity-isolated time-bound tokens. Users of Azure Data Factory with Self-hosted IRs (SHIRs) with auto-update turned off must update to version 5.17.8154.2. No action is required for customers using SHIRs with auto-update enabled or customers using Azure IRs (MSRC Blog).
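The customer-side action above (SHIRs with auto-update off must be on 5.17.8154.2 or later) can be checked from an administrator's workstation. The following is an added example, not code from Microsoft or from the database page; it assumes the Az.DataFactory module is installed and authenticated, and that the status objects returned by `Get-AzDataFactoryV2IntegrationRuntime -Status` expose `Type`, `Version` and `AutoUpdate` properties as named here.

```powershell
# Added example: flag self-hosted Integration Runtimes in one Data Factory that still
# need the manual update described in the MSRC mitigation for CVE-2022-29972.
# Assumption: property names Type, Version, AutoUpdate on the -Status result objects.
param(
    [Parameter(Mandatory)] [string] $ResourceGroupName,
    [Parameter(Mandatory)] [string] $DataFactoryName
)

# Minimum fixed version stated in the advisory; [version] gives numeric, not string, comparison.
$MinimumFixedVersion = [version]'5.17.8154.2'

$runtimes = Get-AzDataFactoryV2IntegrationRuntime -ResourceGroupName $ResourceGroupName `
                                                  -DataFactoryName $DataFactoryName -Status

foreach ($ir in $runtimes) {
    # Azure IRs are patched by Microsoft; only self-hosted nodes need a customer action.
    if ($ir.Type -ne 'SelfHosted') { continue }

    # A SHIR with no registered node reports no version; surface it rather than silently skip it.
    if ([string]::IsNullOrEmpty($ir.Version)) {
        Write-Warning "$($ir.Name): no version reported (no node registered?) - verify manually"
        continue
    }

    $autoUpdateOn = ($ir.AutoUpdate -eq 'On')
    $belowFix     = ([version]$ir.Version -lt $MinimumFixedVersion)

    [pscustomobject]@{
        Name         = $ir.Name
        Version      = $ir.Version
        AutoUpdate   = $ir.AutoUpdate
        # Action is required only for the combination the advisory calls out:
        # auto-update disabled AND version older than the fixed build.
        NeedsUpdate  = (-not $autoUpdateOn) -and $belowFix
    }
}
```

Rows with `NeedsUpdate` set to True correspond to the "auto-update turned off" case in the advisory; SHIRs with auto-update enabled are listed for completeness but require no action.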
Microsoft acknowledged Orca Security for their responsible disclosure and collaboration in addressing the vulnerability. The issue was handled through coordinated vulnerability disclosure (CVD) processes, with Microsoft maintaining communication with affected customers through Azure Service Health Alerts (MSRC Blog).
Source: This report was generated using AI