Google Cloud Platform (GCP) Cross-Tenant SQL Injection on Big Query and Spanner Through the Linking API in Looker Studio

Tenable Research has identified and responsibly disclosed a critical SQL injection vulnerability in Looker Studio's Linking API. This flaw allowed attackers to craft a malicious URL that could execute arbitrary SQL queries on a victim's BigQuery data source.

The vulnerability exploited the CUSTOM_QUERY and BIG_QUERY connector types within the Linking API. An attacker could construct a specific URL containing a malicious SQL payload in the ds.*.sql parameter. When a victim clicked this link, Looker Studio would automatically create a temporary report, connect to the victim's BigQuery account, and execute the attacker's SQL query. This could lead to a one-click exfiltration of all datasets and tables the victim had access to. The vulnerability could also be used to insert, delete, or modify data, depending on the victim's permissions.

Proof of Concept

1. Craft the Linking API link with the victim’s project ID and the SQL injection you wish to run
2. Visit the Linking API link that the attacker has crafted as the victim

https://lookerstudio.google.com/u/0/reporting/create?ds.type=CUSTOM_QUERY&ds.connector=BIG_QUERY&ds.billingProjectId=<PROJECT>&ds.projectId=<PROJECT>&ds.*.sql=<MALICIOUS QUERY>

3. Malicious SQL will run in your Big Query, in the context of your user.