27 строки
760 B
Markdown
27 строки
760 B
Markdown
|
|
MariaDB Connector has a potential RCE-issue with a CVSS of 9.8
|
|
|
|
When analyzing the diff (*) it looks like we can expect a PoC
|
|
very soon.
|
|
|
|
*) https://github.com/mariadb-corporation/mariadb-connector-c/commit/2759b87d72926b7c9b5426437a7c8dd15ff57945
|
|
|
|
|
|
False-Positive-Rate: Low
|
|
|
|
|
|
NOTE: although mariadb_lib.c was originally based on code shipped for MySQL,
|
|
this issue does not affect any MySQL components supported by Oracle.
|
|
|
|
|
|
we found various IPs in your ORG/ASN,
|
|
matching criteria for possible vulnerable systems
|
|
|
|
please find a list of affected IPs below
|
|
and more information on that problem here:
|
|
|
|
- https://nvd.nist.gov/vuln/detail/CVE-2020-13249#vulnCurrentDescriptionTitle
|
|
- https://zero.bs/sb-2019-mariadb-has-potentially-rce-cve-2020-13249.html
|
|
|
|
|