Intrusion PreventionMySQL.Error.Log.Privilege.Escalation
Description
This indicates an attack attempt to exploit a Privilege Escalation vulnerability in MySql, MariaDB, Percona Server and Percona XtraDB Cluster.
This vulnerability is due to an error while the vulnerable application handles log files. An attacker may be able to exploit this to escalate his/her privilege.
Affected Products
MariaDB All versions
MySQL 5.5.51 and prior
MySQL 5.6.32 and prior
MySQL 5.7.14 and prior
Percona Server prior to 5.5.51-38.2
Percona Server prior to 5.6.32-78-1
Percona Server prior tp 5.7.14-8
Percona XtraDB Cluster prior to 5.6.32-25.17
Percona XtraDB Cluster prior to 5.7.14-26.17
Percona XtraDB Cluster prior to 5.5.41-37.0
Impact
Privilege Escalation: Remote attackers can leverage their privilege on the vulnerable systems
Recommended Actions
Apply the most recent upgrade or patch from the vendors
https://www.mysql.com/downloads/
https://mariadb.org/download/
https://www.percona.com/downloads/
Telemetry
Coverage
| IPS (Regular DB) | |
| IPS (Extended DB) |
Version Updates
| Date | Version | Detail |
|---|---|---|
| 2019-06-10 | 14.629 | Severity:critical:high |
| ID | 43423 |
| Created | Nov 08, 2016 |
| Updated | Jun 07, 2019 |
| Risk |
|
| CVE ID | CVE-2016-6664 CVE-2016-5617 |
| Exploit Prediction Score | 11.76% |
| Default Action | drop |
| Active | |
| Affected OS | Windows, Linux, BSD, MacOS |
| Affected App | Oracle, MySQL |