The logging feature in MySQL is improperly configured, allowing external attackers to modify
my.cnf by using a MySQL account with low permissions (such as SELECT and FILE permissions). This can be leveraged to run arbitrary code.
Attackers can start attacks by exploiting an open MySQL service, a web-based MySQL administration application, or even a web SQL injection vulnerability. Because most of the MySQL services run with the Root account, once hackers successfully exploit this vulnerability, they may have control over the entire server, and can bring about severe harm.
- MySQL 5.7.x <= 5.7.15
- MySQL 5.6.x <= 5.6.33
- MySQL 5.5.x <= 5.5.52
- MySQL branch versions:
- Set stronger passwords for all your MySQL accounts. We recommend that you use a strong password that consists of more than 10 characters, and contains numbers, letters, and special symbols.
- Remove unnecessary FILE permissions for all MySQL accounts.
- Install the latest patch from the MySQL official website.