Lucene search

K
veracodeVeracode Vulnerability DatabaseVERACODE:43590
HistoryOct 08, 2023 - 8:11 a.m.

Denial Of Service (DoS)

2023-10-0808:11:22
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
7
denial of service
galera-4
vulnerability
attack
mariadb
openvas
port scan
exploit
availability

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.5%

galera-4 is vulnerable to Denial of Service (DoS). This vulnerability allows an attacker to cause MariaDB to crash by sending a specially crafted OpenVAS port scan to ports 3306 and 4567. The impact of this vulnerability is high, as it could be exploited by attackers to disrupt the availability of MariaDB servers.

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

46.5%