The host is installed with MariaDB before 10.1.30 or 10.2.x before 10.2.10 and is prone to an authentication bypass vulnerability. A flaw is present in the application which fails to properly handle sql/event_data_objects.cc component. Successful exploitation allows remote authenticated users with SQL access to bypass intended access restrictions and replicate data definition language (DDL) statements to cluster nodes.