CVE-2025-24790 - Snowflake JDBC Driver Vulnerability: Temporary Credential Cached in World Readable Files

Snowflake is a powerful cloud-based data warehousing platform used by numerous businesses across various industries. Snowflake JDBC is an essential component that provides a JDBC type 4 driver, allowing Java programs to connect to Snowflake databases. Recently, a vulnerability was discovered and remediated in the Snowflake JDBC Driver. This post will outline the details of the vulnerability (CVE-2025-24790), its implications, and the steps taken to fix it.

Vulnerability description

In the Snowflake JDBC Driver, there exists a vulnerability that pertains to Linux systems that have temporary credential caching enabled. Affected versions range from 3.6.8 through 3.21.. In these instances, the Snowflake JDBC Driver caches temporary credentials stored locally in a world-readable file. This poses a security risk as unauthorized users with access to the system could potentially read the cached credentials.

Original reference:
Snowflake's official documentation contains a detailed description of the vulnerability (CVE-2025-24790): Snowflake Vulnerability Documentation

Exploit details

The vulnerability is specific to Linux systems and only affects those with temporary credential caching enabled. In this situation, the JDBC Driver stores credentials in /tmp folder in world-readable files. An attacker who gains access to the system could read these files and, in turn, use the credentials to access sensitive data.

Code snippet

import java.sql.Connection;
import java.sql.DriverManager;
import java.sql.SQLException;

public class SnowflakeJDBCTest {
    public static void main(String[] args) {
        String url = "jdbc:snowflake://sample_account.snowflakecomputing.com";
        String user = "sample_user";
        String password = "sample_password";

        try {
            Connection connection = DriverManager.getConnection(url, user, password);
            System.out.println("Successfully connected to Snowflake.");
            connection.close();
        } catch (SQLException e) {
            System.err.println("Error connecting to Snowflake: " + e.getMessage());
            e.printStackTrace();
        }
    }
}

Resolution

Snowflake has fixed this vulnerability in version 3.22.. To mitigate the risk, all users of Snowflake JDBC Driver are advised to upgrade to this version or higher.

Upgrade instructions reference: Snowflake JDBC Driver Upgrade Instructions

Conclusion

It is crucial for organizations to be vigilant about their cybersecurity posture and promptly upgrade to the latest software versions to address potential vulnerabilities. The discovery and remediation of CVE-2025-24790 in Snowflake's JDBC Driver is an example of the importance of staying up-to-date with software releases. By updating to version 3.22. or higher, users can ensure that their Snowflake database remains secure and continues to perform optimally.

Timeline

Published on: 01/29/2025 18:15:47 UTC