CVE-2019-2740

Published: Jul 23, 2019Modified: Nov 21, 2024

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: XML). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Affected (27)

Products: Oracle: Mysql · Canonical: Ubuntu Linux · Mariadb: Mariadb · +3 more

Show all products

Oracle: Mysql · Canonical: Ubuntu Linux · Mariadb: Mariadb · Redhat: Enterprise Linux Desktop, Enterprise Linux Eus, Enterprise Linux Server, Enterprise Linux Server Aus, Enterprise Linux Server Tus, Enterprise Linux Workstation · Fedoraproject: Fedora · Opensuse: Leap

1 product

1 product

1 product

6 products

Enterprise Linux Desktop

Enterprise Linux Eus

Enterprise Linux Server

Enterprise Linux Server Aus

Enterprise Linux Server Tus

Enterprise Linux Workstation

1 product

1 product

Configuration A

3 vulnerable

Vulnerable Software	Affected Versions
Oracle Mysql	From 5.6.0 to 5.6.44
Oracle Mysql	From 5.7.0 to 5.7.26
Oracle Mysql	From 8.0.0 to 8.0.16

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Mariadb Mariadb	From 10.1.0 to 10.1.41
Mariadb Mariadb	From 10.2.0 to 10.2.26
Mariadb Mariadb	From 10.3.0 to 10.3.17
Mariadb Mariadb	From 10.4.0 to 10.4.7
Mariadb Mariadb	From 5.5.0 to 5.5.65

Configuration D

13 vulnerable

Vulnerable Software	Affected Versions
Redhat Enterprise Linux Desktop	Version 8.0
Redhat Enterprise Linux Eus	Version 8.1
Redhat Enterprise Linux Eus	Version 8.2
Redhat Enterprise Linux Eus	Version 8.4
Redhat Enterprise Linux Eus	Version 8.6
Redhat Enterprise Linux Server	Version 8.0
Redhat Enterprise Linux Server Aus	Version 8.2
Redhat Enterprise Linux Server Aus	Version 8.4
Redhat Enterprise Linux Server Aus	Version 8.6
Redhat Enterprise Linux Server Tus	Version 8.2
Redhat Enterprise Linux Server Tus	Version 8.4
Redhat Enterprise Linux Server Tus	Version 8.6
Redhat Enterprise Linux Workstation	Version 8.0

Configuration E

2 vulnerable

Vulnerable Software	Affected Versions
Fedoraproject Fedora	Version 29
Fedoraproject Fedora	Version 30

Configuration F

1 vulnerable

Vulnerable Software	Affected Versions
Opensuse Leap	Version 15.1

References (28)

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html

Source: secalert_us@oracle.com

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html

Source: secalert_us@oracle.com

Third Party AdvisoryVDB Entry

http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: secalert_us@oracle.com

PatchVendor Advisory

https://access.redhat.com/errata/RHSA-2019:2484

Source: secalert_us@oracle.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2511

Source: secalert_us@oracle.com

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:3708

Source: secalert_us@oracle.com

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/

Source: secalert_us@oracle.com

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/

Source: secalert_us@oracle.com

https://seclists.org/bugtraq/2019/Aug/1

Source: secalert_us@oracle.com

Issue TrackingMailing ListThird Party Advisory

https://support.f5.com/csp/article/K03444640

Source: secalert_us@oracle.com

Third Party Advisory

https://support.f5.com/csp/article/K03444640?utm_source=f5support&amp%3Butm_medium=RSS

Source: secalert_us@oracle.com

https://usn.ubuntu.com/4070-1/

Source: secalert_us@oracle.com

Third Party Advisory

https://usn.ubuntu.com/4070-2/

Source: secalert_us@oracle.com

Third Party Advisory

https://usn.ubuntu.com/4070-3/

Source: secalert_us@oracle.com

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html

Source: af854a3a-2127-422b-91ae-364da2661108

Mailing ListThird Party Advisory

http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party AdvisoryVDB Entry

http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://access.redhat.com/errata/RHSA-2019:2484

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:2511

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://access.redhat.com/errata/RHSA-2019:3708

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/A55N3HZ3JZBXHQMGTUHY63FVTDU5ILEV/

Source: af854a3a-2127-422b-91ae-364da2661108

https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CN3JPT5ICOAWQNPFVPVLLYR4TQIX4MXP/

Source: af854a3a-2127-422b-91ae-364da2661108

https://seclists.org/bugtraq/2019/Aug/1

Source: af854a3a-2127-422b-91ae-364da2661108

Issue TrackingMailing ListThird Party Advisory

https://support.f5.com/csp/article/K03444640

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://support.f5.com/csp/article/K03444640?utm_source=f5support&amp%3Butm_medium=RSS

Source: af854a3a-2127-422b-91ae-364da2661108

https://usn.ubuntu.com/4070-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4070-2/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

https://usn.ubuntu.com/4070-3/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.