CVE-2022-39402 A vulnerability in the MySQL Shell product of Oracle MySQL is affecting versions 8.0.30 and prior.

An attacker can establish access in three ways:

Access to a MySQL server where MySQL Shell is installed.

Access to a MySQL server where MySQL is installed.

Access to a MySQL server where MySQL is installed. An attacker can then run commands as the user who installed MySQL, or create arbitrary databases and tables, and even install arbitrary MySQL server packages. These attacks can be carried out by tricking end users into visiting a specially crafted website, or by accepting a maliciously crafted connection request from a user who is unknowingly attempting to exploit the vulnerability. Note: The user must be authenticated to the target system in order to exploit this vulnerability. An attacker must have valid access to the MySQL server where MySQL Shell is installed.

What are the symptoms of this vulnerability?

The symptoms of this vulnerability are that the remote MySQL service is permitted to connect to the database server.

What can I do about this vulnerability?
There is currently no known remedy for this vulnerability.

Authentication Issues

The MySQL shell can be exploited to run commands as the user who installed MySQL, or create arbitrary databases and tables, and even install arbitrary MySQL server packages. This attack can be carried out by tricking end users into visiting a specially crafted website, or by accepting a maliciously crafted connection request from a user who is unknowingly attempting to exploit the vulnerability. Note: The user must be authenticated to the target system in order to exploit this vulnerability.

MySQL Shell

: Installation on a Server
A MySQL Shell, or "shell," is a command-line interface that can be installed on a MySQL server. When an attacker has access to the MySQL server where it was installed, they can run commands as the user who installed it, or create arbitrary databases and tables, and even install arbitrary MySQL server packages. With this access, attackers can trick end users into visiting a specially crafted website, or by accepting a maliciously crafted connection request from a user who is unknowingly attempting to exploit the vulnerability. Note: The user must be authenticated to the target system in order to exploit this vulnerability.

Attacks

If the MySQL server where MySQL Shell is installed could be accessed from a remote location, an attacker could install unauthorized software on that server and make it part of a botnet.

An attacker may use access to the MySQL server where MySQL is installed to craft text messages and spam to the system mailboxes of users who have installed their own copy of MySQL. An attacker could also use this vulnerability to try to breach into other systems via cross-site scripting (XSS).

Timeline

Published on: 10/18/2022 21:15:00 UTC
Last modified on: 10/18/2022 21:18:00 UTC

References