Percona PMM Server Default Credentials Vulnerability Leading to SSH Access and Privilege Escalation

Vulnerability

Percona PMM Server distributed as an OVA image ships with default credentials for a service account. Affected are OVA installations of PMM 2.38 and later that have not been updated to 2.44.0-1, and 3.x OVA images before 3.0.0-1. An attacker who can reach the appliance's SSH port can log in with these credentials, escalate to root with sudo, and read sensitive data stored on the appliance. PMM deployed from Docker images or Amazon Machine Images (AMIs) does not carry these credentials and is not affected.

Impact

An attacker who exploits this issue gains SSH access to the appliance and can escalate to root via sudo. With root access, the credentials and configuration that PMM holds for the databases and services it monitors are exposed, so the impact extends beyond the appliance itself to every system it connects to.

Remediation

Upgrade to PMM 2.44.0-1 or PMM 3.0.0-1; download instructions for both are available on the Percona website. Because an affected appliance may already have been accessed, upgrading alone is not sufficient: after the upgrade, rotate the credentials of every monitored and connected service that the appliance stores, and review the system and authentication logs (SSH logins and sudo use in particular) for signs of unauthorized access.
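The log review recommended above, as an added example that is not part of this advisory or of Percona's own tooling. The script parses the standard OpenSSH and sudo syslog lines and reports users who logged in over SSH with a password (the only kind of login a default credential produces) and then used sudo to become root, which is the chain the advisory describes. The host name, PIDs, addresses, timestamps and log path below are constructed assumptions; on a real appliance pass the path of the authentication log as the first argument.

```shell
#!/bin/sh
# Added example for reviewing authentication logs after the PMM OVA issue.
# Not Percona's code; it reproduces no real credential. Everything in the
# sample log below is constructed data in the standard sshd/sudo syslog format.
set -eu

SAMPLE_AUTH_LOG=$(cat <<'EOF'
Jun  9 19:40:01 pmm-server sshd[1201]: Accepted password for admin from 192.0.2.10 port 51234 ssh2
Jun  9 19:40:02 pmm-server sshd[1201]: pam_unix(sshd:session): session opened for user admin by (uid=0)
Jun  9 19:41:15 pmm-server sudo:    admin : TTY=pts/0 ; PWD=/home/admin ; USER=root ; COMMAND=/bin/bash
Jun  9 19:42:03 pmm-server sshd[1250]: Accepted publickey for ops from 10.0.0.5 port 40000 ssh2: ED25519 SHA256:c0ffee
Jun  9 19:43:00 pmm-server sshd[1260]: Failed password for root from 198.51.100.7 port 22222 ssh2
Jun  9 19:44:30 pmm-server sudo:      ops : TTY=pts/1 ; PWD=/home/ops ; USER=root ; COMMAND=/usr/bin/systemctl status pmm-managed
EOF
)

# password_logins LOG_TEXT: print "user ip" for every password-authenticated
# SSH login. Key-based logins are deliberately not reported: a default
# credential can only ever produce a password login.
password_logins() {
    printf '%s\n' "$1" | awk '
        /sshd\[[0-9]+\]: Accepted password for / {
            for (i = 1; i <= NF; i++) {
                if ($i == "for")  user = $(i + 1)
                if ($i == "from") ip   = $(i + 1)
            }
            print user, ip
        }'
}

# root_escalations LOG_TEXT: print "user command" for every sudo invocation
# that ran a command as root ($6 is the invoking user in the sudo syslog line).
root_escalations() {
    printf '%s\n' "$1" | awk '
        / sudo: / && / USER=root ; / {
            user = $6
            cmd  = $0
            sub(/.*COMMAND=/, "", cmd)
            print user, cmd
        }'
}

# suspicious_chains LOG_TEXT: print "user ip command" for each user who logged
# in with a password and later became root through sudo. Every line is worth
# comparing against known administrator activity for that source address.
suspicious_chains() {
    log=$1
    password_logins "$log" | while read -r user ip; do
        root_escalations "$log" | awk -v u="$user" -v ip="$ip" '
            $1 == u { cmd = $0; sub(/^[^ ]+ /, "", cmd); print u, ip, cmd }'
    done
}

# Usage: sh review_auth.sh [/var/log/secure]
# Without an argument the constructed sample above is analysed; the log path
# on the appliance is an assumption, check its syslog configuration.
if [ "$#" -gt 0 ]; then
    suspicious_chains "$(cat "$1")"
else
    suspicious_chains "$SAMPLE_AUTH_LOG"
fi
```

The sample run reports only the admin session from 192.0.2.10 that ended in a root shell; the key-based ops login and the failed root attempt are left out of the chain report, and the failed attempt would be the first thing to count separately if the appliance was reachable from the internet.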

Added: Jun 9, 2025, 7:46 PM
Updated: Jun 9, 2025, 7:46 PM

Vulnerability Rating (custom algorithm)

spread          4.5
impact          7.5
exploitability  3.5
remediation     8.3
relevance       0.0
threat          0.0
urgency         2.9
incentive       1.7

Our algorithm analyzes dozens of metrics to generate these 8 key vulnerability categories, which are then combined to calculate the overall risk score.