CVE-2019-2778 — Oracle Mysql vulnerability

10 documents7 sources

Severity

5.4MEDIUMNVD

EPSS

0.6%

top 29.78%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql Oracle Corporation Mysql Server Canonical Ubuntu Linux +6 more

Timeline

PublishedJul 23

Latest updateMay 24

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges). Supported versions that are affected are 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a par…

CVSS vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:LExploitability: 2.8 | Impact: 2.5

Affected Packages3 packages

▶CVEListV5oracle_corporation/mysql_server5.7.26 and prior, 8.0.16 and prior+1

▶NVDoracle/mysql5.7.0 — 5.7.26+1

▶NVDredhat/software_collections1.0

Also affects: Fedora 29, 30, Ubuntu Linux 16.04, 18.04, 19.04, Enterprise Linux 8.0, 8.1, 8.2, 8.4, 8.6

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-fff3-jjm2-qjf5: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges)↗2022-05-24

▶

CVEList

CVE-2019-2778: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges)↗2019-07-23

▶

OSV

CVE-2019-2778: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Privileges)↗2019-07-19

▶

📋Vendor Advisories

Ubuntu

MySQL vulnerabilities↗2019-07-24

▶

Red Hat

mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)↗2019-07-16

▶

💬Community

Bugzilla

CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2752 CVE-2019-2755 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2780 CVE-2019-2784 CVE-2019-2785 CVE-2019-2789 ... ↗2019-07-22

▶

Bugzilla

CVE-2019-2778 mysql: Server: Security: Privileges unspecified vulnerability (CPU Jul 2019)↗2019-07-22

▶

Bugzilla

CVE-2019-2731 CVE-2019-2737 CVE-2019-2738 CVE-2019-2739 CVE-2019-2740 CVE-2019-2755 CVE-2019-2757 CVE-2019-2758 CVE-2019-2774 CVE-2019-2778 CVE-2019-2797 CVE-2019-2805 CVE-2019-2819 mysql:5.7/communit↗2019-07-22

▶

Bugzilla

CVE-2018-7456 libtiff: NULL pointer dereference in tif_print.c:TIFFPrintDirectory() causes a denial of service↗2018-03-15

▶