CVE-2014-2029

Publication date 29 September 2017

Last updated 25 August 2025


Ubuntu priority

Cvss 3 Severity Score

8.1 · High

Score breakdown

Description

The automatic version check functionality in the tools in Percona Toolkit 2.1 allows man-in-the-middle attackers to obtain sensitive information or execute arbitrary code by leveraging use of HTTP to download configuration information from v.percona.com.

Status

Package Ubuntu Release Status
percona-toolkit 14.04 LTS trusty Not in release
13.10 saucy Ignored end of life
12.10 quantal Ignored end of life
12.04 LTS precise
Not affected
10.04 LTS lucid Not in release

Severity score breakdown

CVSS version: CVSS v3.0

Base score 8.1 · High

Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:H


Access our resources on patching vulnerabilities