EXPLOIT Oracle MySQL Cluster Data Node GSN_PROCESSINFO_REP Handling Remote Code Execution (CVE-2021-35592)

Rule ID

1230736

Severity

High

Description

An index boundary error has been reported in Oracle MySQL. The vulnerability exists in the MySQL NDB Cluster component when handling GSN_PROCESSINFO_REP signals.A remote, unauthenticated attacker could exploit this vulnerability by sending a crafted packet to the vulnerable server. Successful exploitation will allow an attacker to execute arbitrary code in the context of the application.

Impact

Remote code execution

Recommendation

Update vendor's patch.

IPS Category

Buffer Overflow

IPS Anomaly Group

N/A

IPS Rule Default Action

Deny

Reference

CVE-2021-35592

ZDI-21-1228

T1190

T0819

Keyword

N/A

Created At

2022/03/07

Updated At

2022/07/11

This website uses cookies to ensure you get the best experience on our website.

Learn more