YAOOK Operator MariaDB Replication Security Vulnerability Allowing Database Content Read Access

A vulnerability exists in the YAOOK Operator's MariaDB component, specifically within the infra-operator, due to improper replication security configuration. This flaw enables an on-path attacker to intercept and read database contents, which may include sensitive information such as credentials. The issue arises because, in IPv6-enabled clusters, the operator fails to apply the correct replication options from the configuration file, leaving replication traffic unencrypted. As a result, an attacker could potentially sniff the unprotected TCP traffic, capture passwords, and modify database contents.

Impact

Exploitation of this vulnerability allows an on-path attacker to read unencrypted database replication traffic, potentially intercepting sensitive information such as passwords. With this access, an attacker could modify the entire database contents.

Remediation

The vulnerability has been addressed by updating the YAOOK Operator's infra-operator to correctly apply the `wsrep_provider_options` for IPv6-enabled clusters, ensuring that replication traffic is encrypted. This update is available in the latest version of the YAOOK Operator.