CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2022-26944

Percona XtraBackup 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table. NOTE: this issue exists because of an incomplete fix for CVE-2020-10997.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.003

EPSS Ranking 48.8%

CVSS Severity

CVSS v3 Score 6.5

CVSS v2 Score 4.0

References

https://docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.html
https://jira.percona.com/browse/PXB-2722
https://docs.percona.com/percona-xtrabackup/2.4/release-notes/2.4/2.4.25.html
https://jira.percona.com/browse/PXB-2722

Products affected by CVE-2022-26944

Percona » Xtrabackup » Version: 2.4.20

cpe:2.3:a:percona:xtrabackup:2.4.20

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2022-26944

Products

Pricing

Contact Us