Unrated severityNVD Advisory· Published Apr 27, 2020· Updated Aug 4, 2024
CVE-2020-10997
CVE-2020-10997
Description
Percona XtraBackup before 2.4.20 unintentionally writes the command line to any resulting backup file output. This may include sensitive arguments passed at run time. In addition, when --history is passed at run time, this command line is also written to the PERCONA_SCHEMA.xtrabackup_history table.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- Percona/XtraBackupdescription
- Range: <2.4.20
- osv-coords4 versionspkg:bitnami/percona-xtrabackuppkg:bitnami/percona-xtrabackup-binarypkg:rpm/opensuse/xtrabackup&distro=openSUSE%20Leap%2015.4pkg:rpm/suse/xtrabackup&distro=SUSE%20Package%20Hub%2015%20SP4
>= 2.4.11, < 2.4.20+ 3 more
- (no CPE)range: >= 2.4.11, < 2.4.20
- (no CPE)range: >= 2.4.11, < 2.4.20
- (no CPE)range: < 2.4.26-bp154.2.3.1
- (no CPE)range: < 2.4.26-bp154.2.3.1
Patches
Vulnerability mechanics
References
2- jira.percona.com/browse/PXB-2142mitrex_refsource_CONFIRM
- www.percona.com/blog/2020/04/16/cve-2020-10997-percona-xtrabackup-information-disclosure-of-command-line-arguments/mitrex_refsource_CONFIRM
News mentions
0No linked articles in our index yet.