Skip to main content

MySQL Elevation Of Privilege Vulnerability

Last Update Date: 13 Sep 2016 10:00 Release Date: 13 Sep 2016 3963 Views

RISK: High Risk

TYPE: Servers - Database Servers

TYPE: Database Servers

A vulnerability was identified in MySQL, a remote authenticated user can exploit this vulnerability to elevate privilege and perform remote code execution on the targeted system.


Note: limited Proof Of Concept Exploit Code is available.


Impact

  • Elevation of Privilege
  • Remote Code Execution

System / Technologies affected

  • Version 5.5.52, 5.6.33, 5.7.15 and prior versions (with default configuration)
  • MySQL clones: MariaDB and PerconaDB

 


Solutions

Note: No patch is currently available. For detail , please refer to the original advisory:

http://legalhackers.com/advisories/MySQL-Exploit-Remote-Root-Code-Execution-Privesc-CVE-2016-6662.html

 

 


Vulnerability Identifier


Source


Related Link