CVE-2022-25834
https://notcve.org/view.php?id=CVE-2022-25834
In Percona XtraBackup (PXB) through 2.2.24 and 3.x through 8.0.27-19, a crafted filename on the local file system could trigger unexpected command shell execution of arbitrary commands. • https://docs.percona.com/percona-xtrabackup/8.0/release-notes/8.0/8.0.32-26.0.html#improvements https://www.percona.com/doc/percona-xtrabackup/2.4/index.html • CWE-77: Improper Neutralization of Special Elements used in a Command ('Command Injection') •
CVE-2022-26944
https://notcve.org/view.php?id=CVE-2022-26944
Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997. Percona XtraBackup versión 2.4.20, escribe involuntariamente la línea de comandos en cualquier archivo de copia de seguridad resultante. • https://docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.html https://jira.percona.com/browse/PXB-2722 •
CVE-2020-10997
https://notcve.org/view.php?id=CVE-2020-10997
Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. Percona XtraBackup versiones anteriores a la versión 2.4.20, escribe involuntariamente en la línea de comandos en cualquier salida de archivo de copia de seguridad resultante. Esto puede incluir argumentos confidenciales pasados durante el tiempo de ejecución. • https://jira.percona.com/browse/PXB-2142 https://www.percona.com/blog/2020/04/16/cve-2020-10997-percona-xtrabackup-information-disclosure-of-command-line-arguments • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2015-1027
https://notcve.org/view.php?id=CVE-2015-1027
The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL. La subrutina de chequeo de versiones en percona-toolkit en versiones anteriores a la 2.2.13 y xtrabackup en versiones anteriores a la 2.2.9 era vulnerable a ataques silenciosos de degradación HTTP y Man-in-the-Middle (MitM) en los que la respuesta del servidor se podría modificar para que permita que el atacante responda con una carga útil de comandos modificada y fuerce a que el cliente devuelva información adicional de la configuración que se está ejecutando, lo cual provocaría la revelación de información de la configuración actual de MySQL. • https://bugs.launchpad.net/percona-toolkit/+bug/1408375 https://www.percona.com/blog/2015/05/06/percona-security-advisory-cve-2015-1027 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •
CVE-2016-6225
https://notcve.org/view.php?id=CVE-2016-6225
xbcrypt in Percona XtraBackup before 2.3.6 and 2.4.x before 2.4.5 does not properly set the initialization vector (IV) for encryption, which makes it easier for context-dependent attackers to obtain sensitive information from encrypted backup files via a Chosen-Plaintext attack. NOTE: this vulnerability exists because of an incomplete fix for CVE-2013-6394. xbcrypt en Percona XtraBackup en versiones anteriores a 2.3.6 y 2.4.x en versiones anteriores a 2.4.5 no establece apropiadamente el vector de inicialización (IV) para cifrado, lo que hace más fácil a atacantes dependientes del contexto obtener información sensible de archivos backup cifrados a través de un ataque de texto plano escogido. NOTA: esta vulnerabilidad existe debido a una corrección incompleta para CVE-2013-6394. • http://lists.opensuse.org/opensuse-updates/2017-01/msg00125.html http://lists.opensuse.org/opensuse-updates/2017-01/msg00126.html https://bugs.launchpad.net/percona-xtrabackup/+bug/1643949 https://github.com/percona/percona-xtrabackup/pull/266 https://github.com/percona/percona-xtrabackup/pull/267 https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/BAHI6ETS22FJCMLW7A6SICFKQXF5G2VI https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message • CWE-326: Inadequate Encryption Strength •