CVE-2019-2924 — Oracle Mysql vulnerability
8 documents6 sources
Severity
5.3MEDIUMNVD
EPSS
2.4%
top 14.80%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
Timeline
PublishedOct 16
Latest updateMay 24
Description
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Encryption). Supported versions that are affected are 5.6.45 and prior and 5.7.27 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 5.3 (Confidentiality impacts). CVSS Ve…
CVSS vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:NExploitability: 3.9 | Impact: 1.4
Affected Packages2 packages
Also affects: Ubuntu Linux 16.04, 18.04, 19.04, 19.10
Patches
🔴Vulnerability Details
2📋Vendor Advisories
2💬Community
3Bugzilla▶
CVE-2019-2910 CVE-2019-2911 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2974 mysql:5.6/community-mysql: various flaws [fedora-30]↗2019-11-03
Bugzilla▶
CVE-2019-2910 CVE-2019-2911 CVE-2019-2914 CVE-2019-2922 CVE-2019-2923 CVE-2019-2924 CVE-2019-2938 CVE-2019-2946 CVE-2019-2960 CVE-2019-2974 CVE-2019-2993 mysql:5.7/community-mysql: various flaws [fedo↗2019-11-03
Bugzilla▶
CVE-2019-2924 mysql: Server: Security: Encryption unspecified vulnerability (CPU Oct 2019)↗2019-10-23