CRITICAL🇵🇱 Wersja polska

CVE-2026-25212

CVSS 9.9v3.1pub. 2026-04-02upd. 2026-04-21

An issue was discovered in Percona PMM before 3.7. Because an internal database user retains specific superuser privileges, an attacker with pmm-admin rights can abuse the "Add data source" feature to break out of the database context and execute shell commands on the underlying operating system.

🤖 AI Analysis
How it works

An internal database user in PMM possesses excessive superuser privileges. An attacker with pmm-admin rights can exploit the 'Add data source' feature (adding a data source) to abuse these privileges. Through a specially crafted request, it is possible to escape the isolated database context and execute system commands (RCE) at the operating system level.

Impact

An attacker can execute arbitrary shell commands on the server hosting Percona PMM, leading to full system compromise — including access to sensitive data, configuration modification, and potential lateral movement within the network.

Mitigation & patch

Percona PMM should be updated to version 3.7.0 or later, in which the described vulnerability has been removed. Patch details are available in the official release notes at the address indicated in the vendor references.

Who is affected

Percona Monitoring and Management (PMM) in versions prior to 3.7

Analysis generated by Claude AI (Anthropic) based on NVD data. Always verify with vendor.
CVSS Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H
  • Percona Monitoring And Management

    APP
    Percona
    < 3.7.0
🔵
CHECK WITH VENDOR
No clear patch data available. Check vendor references.
CWE
References

Related vulnerabilities

CVE-2023-34409CRITICAL9.8ten sam produkt

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server....

CVE-2020-7920HIGH7.5ten sam produkt

pmm-server in Percona Monitoring and Management (PMM) 2.2.x before 2.2.1 allows unauthenticated denial of serv...

CVE-2020-15180CRITICAL9.0ten sam vendor

A flaw was found in the mysql-wsrep component of mariadb. Lack of input sanitization in `wsrep_sst_method` all...

CVE-2020-26542CRITICAL9.8ten sam vendor

An issue was discovered in the MongoDB Simple LDAP plugin through 2020-10-02 for Percona Server when using the...

CVE-2019-12301CRITICAL9.8ten sam vendor

The Percona Server 5.6.44-85.0-1 packages for Debian and Ubuntu suffered an issue where the server would reset...