
CVE-2024-8055: CWE-89 Improper Neutralization of Special Elements used in an SQL Command in vanna-ai vanna-ai/vanna

Severity: High
Published: Thu Mar 20 2025 (03/20/2025, 10:10:20 UTC)
Source: CVE Database V5
Vendor/Project: vanna-ai
Product: vanna-ai/vanna

Description

Vanna v0.6.3 is vulnerable to SQL injection via Snowflake database in its file staging operations using the `PUT` and `COPY` commands. This vulnerability allows unauthenticated remote users to read arbitrary local files on the victim server, such as `/etc/passwd`, by exploiting the exposed SQL queries through a Python Flask API.

AI-Powered Analysis

Last updated: 10/15/2025, 13:21:47 UTC

Technical Analysis

CVE-2024-8055 is a vulnerability classified under CWE-89 (Improper Neutralization of Special Elements used in an SQL Command), affecting vanna-ai's vanna product, version 0.6.3. The vulnerability stems from insecure handling of SQL commands in the context of Snowflake database file staging operations, specifically the `PUT` and `COPY` commands. These commands are used to upload and copy files within Snowflake, and in this case, the SQL queries constructed to perform these operations do not properly sanitize user-supplied input. The vulnerable component is exposed through a Python Flask API, which does not require authentication, allowing remote attackers to inject malicious SQL payloads.

Exploiting this flaw enables attackers to perform SQL injection attacks that can read arbitrary local files on the server hosting the application, such as the critical `/etc/passwd` file on Unix-like systems. This can lead to disclosure of sensitive system information and potentially facilitate further attacks. The vulnerability has a CVSS 3.0 base score of 7.5, reflecting its high impact on confidentiality with no impact on integrity or availability. Although no known exploits are reported in the wild, the ease of exploitation and lack of authentication requirements make this a serious threat.

The affected versions are unspecified beyond v0.6.3, so users should assume all versions prior to a patch are vulnerable. The vulnerability was publicly disclosed on March 20, 2025, with the initial reservation date on August 21, 2024. No official patches have been linked yet, increasing the urgency for mitigation through configuration and access control.

Potential Impact

For European organizations, this vulnerability poses a significant risk to confidentiality, as attackers can remotely access sensitive local files without authentication. Organizations using vanna-ai/vanna integrated with Snowflake databases and exposing the vulnerable Flask API could suffer data breaches involving system files, configuration data, or credentials stored on the server. This could lead to further lateral movement, privilege escalation, or targeted attacks on critical infrastructure. The impact is particularly severe for sectors handling sensitive personal data or intellectual property, such as finance, healthcare, and government agencies. The lack of integrity and availability impact means the system's operation might remain unaffected, but the confidentiality breach alone can result in regulatory penalties under GDPR and damage to reputation. Additionally, the vulnerability could be leveraged as a foothold for more complex attacks, increasing the overall risk profile for affected organizations.

Mitigation Recommendations

Organizations should immediately audit their deployments of vanna-ai/vanna, especially versions 0.6.3 and earlier, to identify exposure to the vulnerable API endpoints. Since no official patches are currently available, mitigation should focus on input validation and sanitization to prevent SQL injection, particularly for the PUT and COPY commands interacting with Snowflake. Restricting network access to the Flask API through firewalls or VPNs can reduce exposure to unauthenticated attackers. Implementing Web Application Firewalls (WAFs) with rules targeting SQL injection patterns can provide additional protection. Monitoring logs for unusual file access attempts or SQL errors can help detect exploitation attempts early. Organizations should also engage with the vendor for patches or updates and plan for timely application once available. Finally, consider isolating the Snowflake staging environment and minimizing permissions for the database user executing these commands to limit potential damage.
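One way to apply the input-validation advice above is a fail-closed guard that runs before any SQL reaches the Snowflake connection. This is an added example, not code from vanna or from this advisory; the function name `check_generated_sql` is hypothetical, the sample statements are constructed, and it assumes the application only needs single read-only queries.

```python
import re

# Allowlist: only a single read-only statement may pass (assumption about the app's needs).
ALLOWED_START = re.compile(r"^(SELECT|WITH)\b", re.IGNORECASE)
# Defense in depth: staging references that have no place in a read-only query.
STAGING_REF = re.compile(r"\bCOPY\s+INTO\b|file://", re.IGNORECASE)


def _strip_comments(sql):
    """Remove /* ... */ and -- comments so they cannot hide the leading keyword."""
    sql = re.sub(r"/\*.*?\*/", " ", sql, flags=re.DOTALL)
    return re.sub(r"--[^\n]*", " ", sql)


def check_generated_sql(sql):
    """Return (allowed, reason). Anything not clearly a lone SELECT/WITH is refused."""
    body = _strip_comments(sql).strip().rstrip(";").strip()
    if not body:
        return False, "empty statement"
    # Naive split: a ';' inside a string literal is also refused (fails closed).
    if ";" in body:
        return False, "multiple statements"
    if not ALLOWED_START.match(body):
        # PUT, GET, COPY INTO, DDL and '//' comment prefixes all land here.
        return False, "not a SELECT/WITH statement"
    if STAGING_REF.search(body):
        return False, "file staging reference"
    return True, "ok"


if __name__ == "__main__":
    # Constructed sample statements, not taken from any real deployment.
    samples = [
        "SELECT name FROM customers WHERE id = 1;",
        "PUT file:///tmp/constructed.csv @~/staged",
        "/* note */ COPY INTO t FROM @~/staged",
        "SELECT 1; PUT file:///tmp/constructed.csv @~/staged",
    ]
    for statement in samples:
        print(check_generated_sql(statement), "<-", statement)
```

A guard like this complements, and does not replace, restricting network access to the API and minimizing the privileges of the Snowflake role that executes the queries.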


Technical Details

Data Version: 5.1
Assigner Short Name: @huntr_ai
Date Reserved: 2024-08-21T17:57:19.912Z
CVSS Version: 3.0
State: PUBLISHED

Threat ID: 68ef9b2c178f764e1f470dee

Added to database: 10/15/2025, 1:01:32 PM

Last enriched: 10/15/2025, 1:21:47 PM

Last updated: 10/16/2025, 11:47:06 AM
