CVE-2019-2920

Published: Oct 16, 2019Modified: Nov 21, 2024

5.3

Vector

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability: 3.9 / Impact: 1.4

Source: NVD

Description

Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/ODBC). Supported versions that are affected are 5.3.13 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L).

Affected (6)

Products: Oracle: Mysql · Canonical: Ubuntu Linux

1 product

1 product

Configuration A

2 vulnerable

Vulnerable Software	Affected Versions
Oracle Mysql	From 5.3.0 to 5.3.13
Oracle Mysql	From 8.0.0 to 8.0.17

Configuration B

4 vulnerable

Vulnerable Software	Affected Versions
Canonical Ubuntu Linux	Version 16.04
Canonical Ubuntu Linux	Version 18.04
Canonical Ubuntu Linux	Version 19.04
Canonical Ubuntu Linux	Version 19.10

References (4)

http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Source: secalert_us@oracle.com

PatchVendor Advisory

https://usn.ubuntu.com/4195-1/

Source: secalert_us@oracle.com

Third Party Advisory

http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

Source: af854a3a-2127-422b-91ae-364da2661108

PatchVendor Advisory

https://usn.ubuntu.com/4195-1/

Source: af854a3a-2127-422b-91ae-364da2661108

Third Party Advisory

Timeline

No history available yet.