virus logo FortiClient Vulnerability

MariaDB CVE-2020-7221 Privilege Escalation Vulnerability

description-logoDescription

mysql_install_db in MariaDB 10.4.7 through 10.4.11 allows privilege escalation from the mysql user account to root because chown and chmod are performed unsafely, as demonstrated by a symlink attack on a chmod 04755 of auth_pam_tool_dir/auth_pam_tool. NOTE: this does not affect the Oracle MySQL product, which implements mysql_install_db differently.

affected-products-logoAffected Applications

MariaDB

CVE References

CVE-2020-7221

Other References

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-7221
ID 4202
Created Feb 02, 2022
Description
Updated		 Oct 26, 2023
Risk black-background-circle-icon black-background-circle-icon black-background-circle-icon black-background-circle-icon lightgray-background-circle-icon
Coverage FortiClient
OS Windows
Vendor MariaDB Corporation
Patch manual
Application MariaDB