Path Traversal and Privilege Escalation in Percona Monitoring and Management (PMM) Server 2.x

Path Traversal and Privilege Escalation in Percona Monitoring and Management (PMM) Server 2.x

CVE-2023-34409 · CRITICAL Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

In Percona Monitoring and Management (PMM) server 2.x before 2.37.1, the authenticate function in auth_server.go does not properly formalize and sanitize URL paths to reject path traversal attempts. This allows an unauthenticated remote user, when a crafted POST request is made against unauthenticated API routes, to access otherwise protected API routes leading to escalation of privileges and information disclosure.

Learn more about our Cis Benchmark Audit For Server Software.