Security Advisory

CVE-2022-45347

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2022-12-22 10:47:44

Last updated 2025-04-15 13:41:08

Assigner apache

State PUBLISHED

Description

Apache ShardingSphere-Proxy prior to 5.3.0 when using MySQL as database backend didnt cleanup the database session completely after client authentication failed, which allowed an attacker to execute normal commands by constructing a special MySQL client. This vulnerability has been fixed in Apache ShardingSphere 5.3.0.

← Browse all CVEs View on cve.org ↗