Security Advisory

CVE-2017-14477

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2018-05-09 20:00:00

Last updated 2024-09-17 04:09:17

Assigner talos

State PUBLISHED

Description

In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm_agentd process. An attacker that can initiate a TCP session with mmm_agentd can trigger this vulnerability.

← Browse all CVEs View on cve.org ↗