Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2017-15365

EPSS 0.57% · P69
Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2017-15365

Vulnerability Information
Have questions about the vulnerability? See if Shenlong's analysis helps!
View Shenlong Deep Dive ↗

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Description
sql/event_data_objects.cc in MariaDB before 10.1.30 and 10.2.x before 10.2.10 and Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3 allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes by leveraging incorrect ordering of DDL replication and ACL checking.
Source: NVD (National Vulnerability Database)
CVSS Information
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Type
N/A
Source: NVD (National Vulnerability Database)
Vulnerability Title
MariaDB和Percona XtraDB Cluster 安全漏洞
Source: CNNVD (China National Vulnerability Database)
Vulnerability Description
MariaDB是美国Monty Program Ab公司和美国MariaDB基金会共同开发的一套免费开源的数据库管理系统,也是一个采用Maria存储引擎的MySQL分支版本。Percona XtraDB Cluster是一套用于创建MySQL集群的软件包。 MariaDB和Percona XtraDB Cluster中的sql/event_data_objects.cc文件存在安全漏洞。远程攻击者可利用该漏洞绕过访问控制,将数据定义语言(DLL)声明复制到集群节点上。以下产品和版本受到影响:MariaDB
Source: CNNVD (China National Vulnerability Database)
CVSS Information
N/A
Source: CNNVD (China National Vulnerability Database)
Vulnerability Type
N/A
Source: CNNVD (China National Vulnerability Database)

Affected Products

VendorProductAffected VersionsCPESubscribe
-n/a n/a -

II. Public POCs for CVE-2017-15365

#POC DescriptionSource LinkShenlong Link
AI-Generated POCPremium

No public POC found.

Login to generate AI POC

III. Intelligence Information for CVE-2017-15365

登录查看更多情报信息。

Same Patch Batch · n/a · 2018-01-25 · 33 CVEs total

CVE-2018-5967Netis WF2419 跨站脚本漏洞
CVE-2016-10710Biscom Secure File Transfer 安全漏洞
CVE-2018-6315libming 数字错误漏洞
CVE-2018-6313WBCE CMS 跨站脚本漏洞
CVE-2018-5447Nari PCS-9611 relay 输入验证漏洞
CVE-2017-1000505CloudBees Jenkins Script Security插件安全漏洞
CVE-2018-5997RAVPower Filehub HTTP Server 路径遍历漏洞
CVE-2018-5973E.I Hi-Tech Professional Local Directory Script SQL注入漏洞
CVE-2018-5965CMS Made Simple 跨站脚本漏洞
CVE-2018-5964CMS Made Simple 安全漏洞
CVE-2018-5963CMS Made Simple 安全漏洞
CVE-2018-5954phpFreeChat 安全漏洞
CVE-2018-5748Red Hat libvirt 资源管理错误漏洞
CVE-2017-1000414ImpulseAdventure JPEGsnoop 数字错误漏洞
CVE-2018-6308SugarCRM Community Edition SQL注入漏洞
CVE-2018-6217Kingsoft WPS Office 安全漏洞
CVE-2017-15546EMC RSA Authentication Manager Security Console SQL注入漏洞
CVE-2018-6209Max Secure Anti Virus 安全漏洞
CVE-2018-6208Max Secure Anti Virus 安全漏洞
CVE-2018-6207Max Secure Anti Virus 安全漏洞

Showing top 20 of 33 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a
Same vendor: n/a

V. Comments for CVE-2017-15365

No comments yet

Leave a comment