CVE-2019-2923 — Oracle Mysql vulnerability
9 documents6 sources
Severity
5.3MEDIUMNVD
EPSS
1.8%
top 17.20%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 16
Latest updateMay 24
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Ve…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages2 packages
Also affects: Ubuntu Linux 16.04, 18.04, 19.04, 19.10
Patches
🔴Vulnerability Details
2📋Vendor Advisories
2💬Community
4Bugzilla▶
CVE-2019-20892 net-snmp: double free in usm_free_usmStateReference function in snmplib/snmpusm.c via an SNMPv3 GetBulk request↗2020-06-25
Bugzilla▶
CVE-2019-2910 CVE-2019-2911 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2974 mysql:5.6/community-mysql: various flaws [fedora-30]↗2019-11-03
Bugzilla▶
CVE-2019-2910 CVE-2019-2911 CVE-2019-2914 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2938 CVE-2019-2946 CVE-2019-2960 CVE-2019-2974 CVE-2019-2993 mysql:5.7/community-mysql: various flaws [fedo↗2019-11-03
Bugzilla▶
CVE-2019-2923 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)↗2019-10-23