CVE-2017-15365 was published on January 25, 2018, and affects specific versions of MariaDB and Percona XtraDB Cluster (listed below). The vulnerability allows remote users with SQL access to bypass access restrictions and replicate data definition language (DDL) statements to cluster nodes.
Understanding CVE-2017-15365
This CVE identifies a security flaw in MariaDB and Percona XtraDB Cluster versions that could be exploited by authenticated remote users to bypass access restrictions.
What is CVE-2017-15365?
The vulnerability in sql/event_data_objects.cc in MariaDB versions before 10.1.30 and 10.2.x before 10.2.10, as well as Percona XtraDB Cluster before 5.6.37-26.21-3 and 5.7.x before 5.7.19-29.22-3, allows remote authenticated users to replicate DDL statements to cluster nodes. The cause is the order of operations: the DDL statement is replicated to the cluster before the ACL (privilege) check runs, so a statement the check would reject has already been sent to the other nodes.
The Impact of CVE-2017-15365
The vulnerability enables remote users who can authenticate and issue SQL to bypass intended access restrictions: DDL statements they are not authorized to run can still be replicated to, and applied on, the other cluster nodes.
Technical Details of CVE-2017-15365
This section provides more technical insights into the vulnerability.
Vulnerability Description
The issue is located in sql/event_data_objects.cc (the file that implements MariaDB's event scheduler data objects) in versions of MariaDB prior to 10.1.30, 10.2.x prior to 10.2.10, Percona XtraDB Cluster prior to 5.6.37-26.21-3, and 5.7.x prior to 5.7.19-29.22-3. The vulnerability allows remote users with SQL access to bypass intended access restrictions and replicate DDL statements to cluster nodes.
Affected Systems and Versions
MariaDB 10.1 before 10.1.30
MariaDB 10.2 before 10.2.10
Percona XtraDB Cluster 5.6 before 5.6.37-26.21-3
Percona XtraDB Cluster 5.7 before 5.7.19-29.22-3
Exploitation Mechanism
Remote authenticated users with SQL access can exploit the vulnerability because DDL replication happens before the ACL check: the server broadcasts the DDL statement to the cluster first and only then evaluates whether the user was allowed to run it, so the statement reaches the other cluster nodes regardless of the check's outcome.
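The following is an added illustration and is not code from the advisory, MariaDB or Percona: a small C++ model of a three-node cluster that contrasts the "replicate, then check ACL" ordering the CVE describes with the "check ACL, then replicate" ordering. All names (Principal, Node, Cluster, replicate_to_peers, apply_locally, acl_check, execute_ddl_vulnerable, execute_ddl_fixed, nodes_with) are hypothetical, and the DDL string and accounts are constructed samples. The model shows what a defender would observe: with the vulnerable ordering the originating node rejects the statement yet its peers have already applied it, so the cluster also ends up inconsistent.

```cpp
// Added illustration (not MariaDB or Percona code): toy cluster model of the
// check-ordering flaw behind CVE-2017-15365 and its corrected form.
#include <cstddef>
#include <cstdio>
#include <string>
#include <vector>

// Hypothetical: a SQL principal and whether it holds the privilege the DDL needs
// (in a real server this is the grant-table lookup).
struct Principal {
    std::string user;
    bool has_ddl_priv;
};

// One cluster node with the DDL statements it has applied.
struct Node {
    std::string name;
    std::vector<std::string> applied_ddl;
};

struct Cluster {
    std::vector<Node> nodes;  // nodes[0] is where the statement is issued
};

// Build a constructed cluster of n nodes (n >= 1).
Cluster make_cluster(std::size_t n) {
    Cluster c;
    for (std::size_t i = 0; i < n; ++i)
        c.nodes.push_back(Node{"node" + std::to_string(i), {}});
    return c;
}

// Models cluster-wide DDL replication: every peer applies the broadcast statement.
void replicate_to_peers(Cluster& c, const std::string& ddl) {
    for (std::size_t i = 1; i < c.nodes.size(); ++i)
        c.nodes[i].applied_ddl.push_back(ddl);
}

// Models local execution on the originating node.
void apply_locally(Cluster& c, const std::string& ddl) {
    c.nodes[0].applied_ddl.push_back(ddl);
}

// Models the ACL check the originating node performs for the statement.
bool acl_check(const Principal& p) { return p.has_ddl_priv; }

// Vulnerable ordering: replicate first, check second. The check still rejects
// the statement locally, but the peers have already applied it.
bool execute_ddl_vulnerable(Cluster& c, const Principal& p, const std::string& ddl) {
    replicate_to_peers(c, ddl);        // side effect happens here...
    if (!acl_check(p)) return false;   // ...before authorization is evaluated
    apply_locally(c, ddl);
    return true;
}

// Fixed ordering: authorize first; nothing leaves the node if the check fails.
bool execute_ddl_fixed(Cluster& c, const Principal& p, const std::string& ddl) {
    if (!acl_check(p)) return false;
    replicate_to_peers(c, ddl);
    apply_locally(c, ddl);
    return true;
}

// Count the nodes that have applied a given statement (observes the impact).
std::size_t nodes_with(const Cluster& c, const std::string& ddl) {
    std::size_t count = 0;
    for (const Node& n : c.nodes)
        for (const std::string& s : n.applied_ddl)
            if (s == ddl) { ++count; break; }
    return count;
}

int main() {
    // Constructed sample statement and account without DDL privilege.
    const std::string ddl = "CREATE EVENT ev_demo ON SCHEDULE EVERY 1 HOUR DO SELECT 1";
    Principal low{"app_user", false};

    Cluster before = make_cluster(3);
    bool accepted = execute_ddl_vulnerable(before, low, ddl);
    std::printf("vulnerable ordering: accepted=%d, nodes that applied DDL=%zu of %zu\n",
                accepted ? 1 : 0, nodes_with(before, ddl), before.nodes.size());

    Cluster after = make_cluster(3);
    accepted = execute_ddl_fixed(after, low, ddl);
    std::printf("fixed ordering:      accepted=%d, nodes that applied DDL=%zu of %zu\n",
                accepted ? 1 : 0, nodes_with(after, ddl), after.nodes.size());
    return 0;
}
```

Run stand-alone, the vulnerable path reports the statement as rejected while two of three nodes have applied it; the fixed path reports it rejected with zero nodes affected. The general lesson the model encodes is that an authorization check must precede any action with cluster-visible side effects, not merely precede local execution.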
Mitigation and Prevention
Protecting systems from CVE-2017-15365 requires immediate actions and long-term security practices.
Immediate Steps to Take
Upgrade affected nodes to a fixed release: MariaDB 10.1.30 or 10.2.10 (or later), and Percona XtraDB Cluster 5.6.37-26.21-3 or 5.7.19-29.22-3 (or later). Until every node is upgraded, review which SQL accounts on cluster nodes are allowed to issue DDL (in particular event definitions, given the affected file) and remove grants that are not required, and compare the schema and event definitions across nodes for DDL that was not expected.
Long-Term Security Practices
Apply least privilege to SQL accounts so that application users cannot issue DDL on cluster nodes, keep cluster software on supported releases and track vendor advisories for MariaDB and Percona XtraDB Cluster, and monitor DDL activity across nodes so that statements applied on peers without a matching authorized origin are noticed.
Patching and Updates
The vulnerability is fixed in MariaDB 10.1.30 and 10.2.10 and in Percona XtraDB Cluster 5.6.37-26.21-3 and 5.7.19-29.22-3; earlier releases in each series remain affected and should be updated.