Уязвимость повышения уровня доступа в MariaDB через некорректную обработку строки формата в CONNECT Storage Engine
Описание
Уязвимость позволяет злоумышленникам повысить уровень доступа в системе на затронутых установках MariaDB. Для эксплуатации уязвимости требуется аутентификация. Проблема связана с некорректной проверкой строки, предоставленной пользователем, перед её использованием в качестве спецификатора формата в SQL-запросах. Злоумышленник способен использовать эту уязвимость для повышения уровня доступа и выполнения произвольного кода в контексте учетной записи службы.
Тип уязвимости
- Повышение уровня доступа
- Выполнение произвольного кода
Примечания
Идентификатор уязвимости: ZDI-CAN-16193
Ссылки
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
- PatchVendor Advisory
- Third Party Advisory
- Third Party AdvisoryVDB Entry
Уязвимые конфигурации
Одно из
Одно из
EPSS
7 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2
Дефекты
Связанные уязвимости
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vulnerability. This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
MariaDB CONNECT Storage Engine Format String Privilege Escalation Vuln ...
This vulnerability allows local attackers to escalate privileges on affected installations of MariaDB. Authentication is required to exploit this vulnerability. The specific flaw exists within the processing of SQL queries. The issue results from the lack of proper validation of a user-supplied string before using it as a format specifier. An attacker can leverage this vulnerability to escalate privileges and execute arbitrary code in the context of the service account. Was ZDI-CAN-16193.
EPSS
7 High
CVSS3
7.8 High
CVSS3
4.6 Medium
CVSS2