CVE-2022-31011 TiDB authentication bypass vulnerability

2022-05-3119:30:18

CWE-287

GitHub_M

www.cve.org

tidb

authentication

bypass

vulnerability

privilege escalation

unauthorized access

version 5.3.0

version 5.3.1

security enhanced mode

local login

ip restrictions

CVSS3

7.8

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

EPSS

Percentile

12.6%

JSON

TiDB is an open-source NewSQL database that supports Hybrid Transactional and Analytical Processing (HTAP) workloads. Under certain conditions, an attacker can construct malicious authentication requests to bypass the authentication process, resulting in privilege escalation or unauthorized access. Only users using TiDB 5.3.0 are affected by this vulnerability. TiDB version 5.3.1 contains a patch for this issue. Other mitigation strategies include turning off Security Enhanced Mode (SEM), disabling local login for non-root accounts, and ensuring that the same IP cannot be logged in as root and normal user at the same time.

CNA Affected

[
  {
    "product": "tidb",
    "vendor": "pingcap",
    "versions": [
      {
        "status": "affected",
        "version": "= 5.3.0"
      }
    ]
  }
]