Lucene search

K
redos
RedosROS-20220217-01
HistoryFeb 17, 2022 - 12:00 a.m.

ROS-20220217-01

2022-02-1700:00:00
redos.red-soft.ru
32

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

29.1%

MariaDB database management system vulnerability, related to a formatted string error in the
in the implementation of the CONNECT function. Exploitation of the vulnerability could allow an attacker acting remotely,
send a specially crafted SQL query containing format string specifiers and execute
arbitrary code on the target system

MariaDB database management system vulnerability, related to improper management of internal
resources. Exploitation of the vulnerability could allow an attacker acting remotely to execute
specially crafted statements and execute a denial of service (DoS) attack

Vulnerability in the MariaDB database management system, related to a memory freeing error in the
storage mechanism when processing CONNECT requests. Exploitation of the vulnerability could allow an attacker,
acting remotely, to send a specially crafted SQL query to a database instance, cause a
a post-release usage error and execute arbitrary code on the system

Vulnerability in the MariaDB database management system, related to a boundary error in the storage mechanism
when processing CONNECT requests. Exploitation of the vulnerability could allow an attacker acting
remotely, to send a specially crafted SQL query to an affected database instance, cause a
memory corruption and execute arbitrary code on the target system

Vulnerability in MariaDB database management system, related to a boundary error in storage mechanism
when processing CONNECT requests. Exploitation of the vulnerability could allow an attacker acting
remotely, to send a specially crafted SQL query to a database instance, cause a heap buffer overflow, and execute an arbitrary SQL query.
heap buffer overflow and execute arbitrary code on the target system

OSVersionArchitecturePackageVersionFilename
redos7.3x86_64mariadb<= 10.5.15-1UNKNOWN
Use Vulners API to create your own security tool

API usage cases
  • Network scanning
  • Linux Patch management
  • Threat protection
  • No network audit solution

Ways of integration

Integrate Vulners API

7.8 High

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

29.1%

Related for ROS-20220217-01