MySQL Enterprise Monitor 3.1.x < 18.104.22.16895 Agent Subcomponent RCE (January 2017 CPU)
High Nessus Plugin ID 96766
SynopsisA web application running on the remote host is affected by a remote code execution vulnerability.
DescriptionAccording to its self-reported version, the MySQL Enterprise Monitor application running on the remote host is 3.1.x prior to 22.214.171.12495.
It is, therefore, affected by a remote code execution vulnerability in the Agent subcomponent that allows an authenticated, remote attacker to execute arbitrary code.
SolutionUpgrade to MySQL Enterprise Monitor version 126.96.36.19995 or later as referenced in the January 2017 Oracle Critical Patch Update advisory.