Search

Find a vulnerability

Search criteria Use this form to refine search results.
Full-text search supports keyword queries with ranking and filtering.
You can combine vendor, product, and sources to narrow results.
Enable “Apply ordering” to sort by date instead of relevance.

    16 vulnerabilities by mysql-mmm

    CVE-2017-14475 (GCVE-0-2017-14475)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-16 23:56
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.664Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:26.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14475",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:56:14.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14474 (GCVE-0-2017-14474)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-16 23:21
    VLAI
    Summary
    In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.751Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:24.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14474",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14474",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:21:01.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14479 (GCVE-0-2017-14479)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-16 16:48
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:31.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14479",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14479",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:48:49.870Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14476 (GCVE-0-2017-14476)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-17 02:02
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.752Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:27.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14476",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14476",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:02:35.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14478 (GCVE-0-2017-14478)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-17 03:48
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.646Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:29.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14478",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14478",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:48:02.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14481 (GCVE-0-2017-14481)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-17 01:46
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.631Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:33.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14481",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14481",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:46:03.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14480 (GCVE-0-2017-14480)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-17 00:00
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.617Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:32.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14480",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14480",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:00:28.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14477 (GCVE-0-2017-14477)

    Vulnerability from cvelistv5 – Published: 2018-05-09 20:00 – Updated: 2024-09-17 04:09
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:28.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14477",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14477",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:09:17.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14475 (GCVE-0-2017-14475)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-16 23:56
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.664Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:26.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14475",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14475",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:56:14.276Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14474 (GCVE-0-2017-14474)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-16 23:21
    VLAI
    Summary
    In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.751Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:24.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14474",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::_execute function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1, a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14474",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T23:21:01.522Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14479 (GCVE-0-2017-14479)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-16 16:48
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:31.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14479",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14479",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-16T16:48:49.870Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14476 (GCVE-0-2017-14476)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-17 02:02
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.752Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:27.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14476",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14476",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T02:02:35.827Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14478 (GCVE-0-2017-14478)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-17 03:48
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.646Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:29.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14478",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Linux), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14478",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T03:48:02.494Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14481 (GCVE-0-2017-14481)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-17 01:46
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.631Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:33.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14481",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::send_arp function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for Solaris), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14481",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T01:46:03.102Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14480 (GCVE-0-2017-14480)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-17 00:00
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.617Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:32.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14480",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::clear_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14480",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T00:00:28.959Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2017-14477 (GCVE-0-2017-14477)

    Vulnerability from nvd – Published: 2018-05-09 20:00 – Updated: 2024-09-17 04:09
    VLAI
    Summary
    In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\_agentd process. An attacker that can initiate a TCP session with mmm\_agentd can trigger this vulnerability.
    CWE
    • command injection
    Assigner
    References
    Impacted products
    Vendor Product Version
    Talos MySql MMM Affected: MMM 2.2.1
    Create a notification for this product.
    Date Public
    2018-05-07 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-05T19:27:40.735Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySql MMM",
              "vendor": "Talos",
              "versions": [
                {
                  "status": "affected",
                  "version": "MMM 2.2.1"
                }
              ]
            }
          ],
          "datePublic": "2018-05-07T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "LOW",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 9.8,
                "baseSeverity": "CRITICAL",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "command injection",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-04-19T18:21:28.000Z",
            "orgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
            "shortName": "talos"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "talos-cna@cisco.com",
              "DATE_PUBLIC": "2018-05-07T00:00:00",
              "ID": "CVE-2017-14477",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySql MMM",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "MMM 2.2.1"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Talos"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "In the MMM::Agent::Helpers::Network::add_ip function in MySQL Multi-Master Replication Manager (MMM) mmm_agentd 2.2.1 (for FreeBSD), a specially crafted MMM protocol message can cause a shell command injection resulting in arbitrary command execution with the privileges of the mmm\\_agentd process. An attacker that can initiate a TCP session with mmm\\_agentd can trigger this vulnerability."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": 9.8,
                "baseSeverity": "Critical",
                "vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "command injection"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501",
                  "refsource": "MISC",
                  "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2017-0501"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "b86d76f8-0f8a-4a96-a78d-d8abfc7fc29b",
        "assignerShortName": "talos",
        "cveId": "CVE-2017-14477",
        "datePublished": "2018-05-09T20:00:00.000Z",
        "dateReserved": "2017-09-13T00:00:00.000Z",
        "dateUpdated": "2024-09-17T04:09:17.916Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }