New "LeakyLooker" Flaws in Google Looker Studio Could Enable Cross-Tenant SQL Queries
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been colle...
AI-Generated Summary
Tenable researchers disclosed nine cross-tenant vulnerabilities in Google Looker Studio, collectively named LeakyLooker, that could allow attackers to execute arbitrary SQL queries on victims' databases within Google Cloud environments. The flaws posed a significant risk of sensitive data exfiltration across organizational boundaries. No evidence of active exploitation was found prior to disclosure.
Affected Sectors
Frameworks
Aggregated from The Hacker News
This article was automatically aggregated from an external source. Content may be summarized.
Full Analysis
Cybersecurity researchers have disclosed nine cross-tenant vulnerabilities in Google Looker Studio that could have permitted attackers to run arbitrary SQL queries on victims' databases and exfiltrate sensitive data within organizations' Google Cloud environments. The shortcomings have been collectively named LeakyLooker by Tenable. There is no evidence that the vulnerabilities were exploited in
Source: The Hacker News
Original Source
The Hacker News