Intrusion PreventionMySQL.Commad.Repair.RC.Privilege.Escalation
Description
This indicates an attack attempt to exploit a Privilege Escalation vulnerability in MySql, MariaDB, Percona Server and Percona XtraDB Cluster.
This vulnerability is due to a race condition which happens during execution of REPAIR command. An attacker may be able to exploit this to escalate his/her privilege.
Affected Products
MariaDB prior to 5.5.52
MariaDB prior to 10.1.18
MariaDB prior to 10.0.28
MySQL 5.5.51 and prior
MySQL 5.6.32 and prior
MySQL 5.7.14 and prior
Percona Server prior to 5.5.51-38.2
Percona Server prior to 5.6.32-78-1
Percona Server prior tp 5.7.14-8
Percona XtraDB Cluster prior to 5.6.32-25.17
Percona XtraDB Cluster prior to 5.7.14-26.17
Percona XtraDB Cluster prior to 5.5.41-37.0
Impact
Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems
Recommended Actions
Apply the most recent upgrade or patch from the vendors
https://www.mysql.com/downloads/
https://mariadb.org/download/
https://www.percona.com/downloads/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-10 | 14.629 | Severity:critical:high |
| ID | 43421 |
| Created | Nov 08, 2016 |
| Updated | May 02, 2022 |
| Risk |
|
| CVE ID | CVE-2016-5616 CVE-2016-6663 |
| Exploit Prediction Score | 0.27% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, MacOS |
| Affected App | Oracle, MySQL |