CVE-2020-15180

A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` allows for command injection that can be exploited by a remote attacker to execute arbitrary commands on galera cluster nodes. This threatens the system's confidentiality, integrity, and availability. This flaw affects mariadb versions before 10.1.47, before 10.2.34, before 10.3.25, before 10.4.15 and before 10.5.6.
Command Injection
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
9 CRITICAL
NETWORK
HIGH
NONE
CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 89%
Affected Products (NVD)
VendorProductVersion
mariadbmariadb
10.1.0 ≤
𝑥
< 10.1.47
mariadbmariadb
10.2.0 ≤
𝑥
< 10.2.34
mariadbmariadb
10.3.0 ≤
𝑥
< 10.3.25
mariadbmariadb
10.4.0 ≤
𝑥
< 10.4.15
mariadbmariadb
10.5.0 ≤
𝑥
< 10.5.6
debiandebian_linux
9.0
debiandebian_linux
10.0
perconaxtradb_cluster
𝑥
< 5.6.49-28.42.2
perconaxtradb_cluster
5.7 ≤
𝑥
< 5.7.31-31.45.2
perconaxtradb_cluster
8.0 ≤
𝑥
< 8.0.20-11.2
galeraclustergalera_cluster_for_mysql
5.6 ≤
𝑥
< 5.6.49
galeraclustergalera_cluster_for_mysql
5.7 ≤
𝑥
< 5.7.31
galeraclustergalera_cluster_for_mysql
8.0 ≤
𝑥
< 8.0.21
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mariadb-10.5
bullseye
1:10.5.23-0+deb11u1
fixed
bullseye (security)
1:10.5.26-0+deb11u2
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mariadb-10.0
bionic
dne
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
needed
mariadb-10.1
bionic
Fixed 1:10.1.47-0ubuntu0.18.04.1
released
focal
dne
groovy
dne
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
dne
mariadb-10.3
bionic
dne
focal
Fixed 1:10.3.25-0ubuntu0.20.04.1
released
groovy
ignored
hirsute
dne
impish
dne
jammy
dne
kinetic
dne
lunar
dne
mantic
dne
noble
dne
trusty
dne
xenial
dne
openSUSE logo
openSUSE / SLES Releases
openSUSE Product
Release
libmariadb-devel
suse enterprise sap 15 SP1
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP2
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP3
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP4
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP5
3.1.11-3.22.2
fixed
suse enterprise server 15
3.1.11-3.22.2
fixed
suse enterprise server 15 SP1
3.1.11-3.22.2
fixed
suse enterprise server 15 SP2
3.1.11-3.22.2
fixed
suse enterprise server 15 SP3
3.1.11-3.22.2
fixed
suse enterprise server 15 SP4
3.1.11-3.22.2
fixed
suse enterprise server 15 SP5
3.1.11-3.22.2
fixed
libmariadb3
suse enterprise desktop 15 SP1
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP2
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP3
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP4
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP5
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP1
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP2
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP3
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP4
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP5
3.1.11-3.22.2
fixed
suse enterprise server 12 SP4
3.1.11-2.19.1
fixed
suse enterprise server 15
3.1.11-3.22.2
fixed
suse enterprise server 15 SP1
3.1.11-3.22.2
fixed
suse enterprise server 15 SP2
3.1.11-3.22.2
fixed
suse enterprise server 15 SP3
3.1.11-3.22.2
fixed
suse enterprise server 15 SP4
3.1.11-3.22.2
fixed
suse enterprise server 15 SP5
3.1.11-3.22.2
fixed
libmariadb_plugins
suse enterprise sap 15 SP1
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP2
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP3
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP4
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP5
3.1.11-3.22.2
fixed
suse enterprise server 12 SP4
3.1.11-2.19.1
fixed
suse enterprise server 15
3.1.11-3.22.2
fixed
suse enterprise server 15 SP1
3.1.11-3.22.2
fixed
suse enterprise server 15 SP2
3.1.11-3.22.2
fixed
suse enterprise server 15 SP3
3.1.11-3.22.2
fixed
suse enterprise server 15 SP4
3.1.11-3.22.2
fixed
suse enterprise server 15 SP5
3.1.11-3.22.2
fixed
libmariadbd-devel
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
libmariadbd104-devel
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
libmariadbd19
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
libmariadbprivate
suse enterprise desktop 15 SP1
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP2
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP3
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP4
3.1.11-3.22.2
fixed
suse enterprise desktop 15 SP5
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP1
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP2
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP3
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP4
3.1.11-3.22.2
fixed
suse enterprise sap 15 SP5
3.1.11-3.22.2
fixed
suse enterprise server 15
3.1.11-3.22.2
fixed
suse enterprise server 15 SP1
3.1.11-3.22.2
fixed
suse enterprise server 15 SP2
3.1.11-3.22.2
fixed
suse enterprise server 15 SP3
3.1.11-3.22.2
fixed
suse enterprise server 15 SP4
3.1.11-3.22.2
fixed
suse enterprise server 15 SP5
3.1.11-3.22.2
fixed
libmysqld-devel
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
libmysqld19
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
mariadb
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 12 SP4
10.2.36-3.33.1
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
mariadb-client
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 12 SP4
10.2.36-3.33.1
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
mariadb-errormessages
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 12 SP4
10.2.36-3.33.1
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
mariadb-tools
suse enterprise sap 15 SP1
10.2.36-3.34.4
fixed
suse enterprise sap 15 SP2
10.4.17-3.6.1
fixed
suse enterprise sap 15 SP3
10.5.8-1.5
fixed
suse enterprise sap 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise sap 15 SP7
11.4.5-150700.1.2
fixed
suse enterprise server 12 SP4
10.2.36-3.33.1
fixed
suse enterprise server 15
10.2.36-3.34.4
fixed
suse enterprise server 15 SP1
10.2.36-3.34.4
fixed
suse enterprise server 15 SP2
10.4.17-3.6.1
fixed
suse enterprise server 15 SP3
10.5.8-1.5
fixed
suse enterprise server 15 SP4
10.6.7-150400.1.4
fixed
suse enterprise server 15 SP7
11.4.5-150700.1.2
fixed
mariadb104
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-bench
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-client
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-errormessages
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-galera
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-rpm-macros
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-test
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
mariadb104-tools
suse enterprise server 15 SP1
10.4.30-150100.3.5.10
fixed
python3-mysqlclient
suse enterprise server 15 SP1
1.4.6-150100.3.3.7
fixed
Common Weakness Enumeration
References
https://bugzilla.redhat.com/show_bug.cgi?id=1894919
https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html
https://security.gentoo.org/glsa/202011-14
https://www.debian.org/security/2020/dsa-4776
https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/
https://bugzilla.redhat.com/show_bug.cgi?id=1894919
https://lists.debian.org/debian-lts-announce/2020/10/msg00021.html
https://security.gentoo.org/glsa/202011-14
https://www.debian.org/security/2020/dsa-4776
https://www.percona.com/blog/2020/10/30/cve-2020-15180-affects-percona-xtradb-cluster/