Skip to main content

Bitnami Mariadb Galera

1 CVEs product

Monthly

CVE-2026-47847 MEDIUM PATCH This Month

Hardcoded default credentials in Bitnami MariaDB Galera container images and Helm chart expose all default deployments to unauthenticated replication status enumeration over the network. The health-check user `monitor` with password `monitor` is granted REPLICATION CLIENT privileges from any host (`%`), meaning any network-accessible cluster running affected images (10.6.x through 12.3.x) or Helm chart prior to 18.3.0 can be accessed using these publicly known credentials. The Helm chart structurally prevented operators from overriding these credentials at deploy time, making the exposure pervasive across all standard chart-based deployments; no public exploit has been identified and the vulnerability is not in CISA KEV at time of analysis.

Debian Authentication Bypass Bitnami Mariadb Galera Bitnami Mariadb Galera Helm Chart
NVD GitHub
CVSS 3.1
5.3
EPSS
0.2%
EPSS 0% CVSS 5.3
MEDIUM PATCH This Month

Hardcoded default credentials in Bitnami MariaDB Galera container images and Helm chart expose all default deployments to unauthenticated replication status enumeration over the network. The health-check user `monitor` with password `monitor` is granted REPLICATION CLIENT privileges from any host (`%`), meaning any network-accessible cluster running affected images (10.6.x through 12.3.x) or Helm chart prior to 18.3.0 can be accessed using these publicly known credentials. The Helm chart structurally prevented operators from overriding these credentials at deploy time, making the exposure pervasive across all standard chart-based deployments; no public exploit has been identified and the vulnerability is not in CISA KEV at time of analysis.

Debian Authentication Bypass Bitnami Mariadb Galera +1
NVD GitHub

This site uses cookies essential for authentication and security. No tracking or analytics cookies are used. Privacy Policy