CVE-2026-11400
Awaiting Analysis - Queue
Privilege Escalation in AWS Advanced JDBC Wrapper

Publication date: 2026-06-05

Last updated on: 2026-06-05

Assigner: AMZN

Description
An untrusted search path issue in the GlobalDatabasePlugin in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL will allow a remote authenticated low-privilege actor to escalate privileges to those of another Amazon RDS user, including rds_superuser, via a crafted function created by the actor that runs when that user connects to the cluster through an affected wrapper. To remediate this issue, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.
Meta Information
Published
2026-06-05
Last Modified
2026-06-05
Generated
2026-06-06
AI Q&A
2026-06-06
EPSS Evaluated
N/A
Affected Vendors & Products
Showing 3 associated CPEs
Vendor Product Version / Range
amazon aws_advanced_jdbc_wrapper 4.0.1
amazon aws_advanced_go_wrapper to 2026-04-06 (exc)
amazon aws_advanced_go_wrapper 2026-05-26
CWE ID Description
CWE-426 The product searches for critical resources using an externally-supplied search path that can point to resources that are not under the product's direct control.
AI Powered Q&A
How does this vulnerability affect compliance with common standards and regulations (like GDPR, HIPAA)?

The provided information does not specify how this vulnerability impacts compliance with common standards and regulations such as GDPR or HIPAA.


Can you explain this vulnerability to me?

This vulnerability is an untrusted search path issue in the GlobalDatabasePlugin of the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL. It allows a remote authenticated user with low privileges to escalate their privileges to those of another Amazon RDS user, including the highly privileged rds_superuser role. This escalation is achieved by the attacker creating a crafted function that executes when the targeted user connects to the database cluster through the affected JDBC wrapper.


How can this vulnerability impact me?

The impact of this vulnerability is significant because it enables a low-privilege authenticated user to gain elevated privileges, potentially full administrative access (rds_superuser) within the Amazon RDS environment. This could allow the attacker to perform unauthorized actions such as modifying data, changing configurations, or accessing sensitive information, thereby compromising the security and integrity of the database.


What immediate steps should I take to mitigate this vulnerability?

To mitigate this vulnerability, users should upgrade to AWS Advanced JDBC Wrapper version 4.0.1.

The version 4.0.1 release addresses several critical issues related to CVE-2026-11400, including fixes that improve security and stability of the wrapper.


How can this vulnerability be detected on my network or system? Can you suggest some commands?

This vulnerability involves an untrusted search path issue in the AWS Advanced JDBC Wrapper for Amazon Aurora PostgreSQL that allows privilege escalation via a crafted function executed when connecting to the cluster.

Detection would involve identifying usage of vulnerable versions of the AWS Advanced JDBC Wrapper (prior to version 4.0.1) in your environment and monitoring for suspicious function creations or privilege escalations in the database.

Since the vulnerability is triggered by a crafted function created by a low-privilege authenticated user, you can audit database logs for creation of unusual or unauthorized functions, especially those executed upon user connection.

  • Check the version of AWS Advanced JDBC Wrapper in use to confirm if it is older than 4.0.1.
  • In PostgreSQL, list existing functions together with their owner, language and source using the psql meta-command \df+
  • Audit PostgreSQL logs for CREATE FUNCTION statements or unusual function executions.
  • Monitor database connection logs for unexpected privilege escalations or errors related to the JDBC wrapper.

No specific detection commands are provided in the available resources, but general PostgreSQL auditing and version checks of the AWS Advanced JDBC Wrapper are recommended.
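As an added illustration of the log-audit and version-check steps above, here is a small triage script. It is example code written for this page, not code from the advisory, from AWS, or from the wrapper project. It assumes PostgreSQL logging with log_statement = 'ddl' and a log_line_prefix of '%m [%p] %u@%d ', a hypothetical list of roles that are allowed to create functions, and a handful of constructed log lines (not real cluster output). It flags CREATE FUNCTION statements issued by any other role and notes whether the function name was schema-qualified, since an unqualified name lands in the first writable schema on search_path, which is the CWE-426 condition the advisory describes.

```python
import re
from dataclasses import dataclass

# Constructed sample PostgreSQL log lines for this example (not real cluster logs),
# in the shape produced by log_statement = 'ddl' and log_line_prefix = '%m [%p] %u@%d '.
SAMPLE_LOG = """\
2026-06-05 10:01:12.334 UTC [4123] app_reader@appdb LOG:  statement: CREATE FUNCTION public.report_summary() RETURNS int LANGUAGE sql AS $$ SELECT 1 $$;
2026-06-05 10:01:15.002 UTC [4123] app_reader@appdb LOG:  statement: SELECT * FROM orders LIMIT 10;
2026-06-05 10:02:40.871 UTC [4190] dba_admin@appdb LOG:  statement: CREATE OR REPLACE FUNCTION ops.rotate_partitions() RETURNS void LANGUAGE plpgsql AS $$ BEGIN END $$;
2026-06-05 10:03:02.115 UTC [4201] app_reader@appdb LOG:  statement: CREATE TABLE scratch(id int);
2026-06-05 10:04:55.410 UTC [4222] etl_user@appdb LOG:  statement: create function helper_fn() returns int language sql as $$ select 2 $$;
"""

# Hypothetical set of roles expected to create functions in this environment.
# Function creation by any other role is reported for review.
TRUSTED_DDL_ROLES = {"dba_admin"}

# One log line: timestamp, pid, role@database, then the logged statement.
LINE_RE = re.compile(
    r"^(?P<ts>\S+ \S+ \S+) \[(?P<pid>\d+)\] (?P<role>[^@\s]+)@(?P<db>\S+) "
    r"LOG:\s+statement: (?P<stmt>.*)$"
)
# CREATE [OR REPLACE] FUNCTION with an optionally schema-qualified name.
CREATE_FN_RE = re.compile(
    r"^\s*CREATE\s+(?:OR\s+REPLACE\s+)?FUNCTION\s+(?P<name>\w+(?:\.\w+)?)",
    re.IGNORECASE,
)


@dataclass
class Finding:
    ts: str
    role: str
    db: str
    function: str
    schema: str  # explicit schema, or "(unqualified)" when resolved via search_path


def find_function_creations(log_text, trusted_roles=TRUSTED_DDL_ROLES):
    """Return CREATE FUNCTION events issued by roles outside trusted_roles."""
    findings = []
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # not a logged statement in the expected prefix format
        fn = CREATE_FN_RE.match(m["stmt"])
        if not fn or m["role"] in trusted_roles:
            continue
        name = fn["name"]
        schema = name.split(".", 1)[0] if "." in name else "(unqualified)"
        findings.append(Finding(m["ts"], m["role"], m["db"], name, schema))
    return findings


def parse_version(v):
    """Turn '4.0.1' into (4, 0, 1) so versions compare numerically, not as strings."""
    return tuple(int(p) for p in v.split("."))


def wrapper_is_vulnerable(version, fixed="4.0.1"):
    """True when the AWS Advanced JDBC Wrapper version is older than the fixed release named in the advisory."""
    return parse_version(version) < parse_version(fixed)


if __name__ == "__main__":
    for f in find_function_creations(SAMPLE_LOG):
        print(f"{f.ts} role={f.role} db={f.db} created {f.function} (schema: {f.schema})")
    for v in ("3.2.0", "4.0.0", "4.0.1"):
        print(f"wrapper {v}: {'UPGRADE' if wrapper_is_vulnerable(v) else 'ok'}")
```

Run against the real postgresql.log (or RDS log export) by replacing SAMPLE_LOG with the file contents; adjust LINE_RE if the cluster uses a different log_line_prefix. The trusted-role set and the schema column are the two knobs worth tuning: an unqualified function created by an application role is the case to look at first.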

