MySQL SHOW GRANTS Command Vulnerability

MySQL SHOW GRANTS Command Vulnerability

CVE-2001-1275 · HIGH Severity

AV:L/AC:L/AU:N/C:C/I:C/A:C

MySQL before 3.23.31 allows users with a MySQL account to use the SHOW GRANTS command to obtain the encrypted administrator password from the mysql.user table and possibly gain privileges via password cracking.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.