CVE-2020-2875 — Oracle Mysql Connector J vulnerability
8 documents7 sources
Severity
4.7MEDIUMNVD
EPSS
0.7%
top 28.17%
CISA KEV
Not in KEV
Exploit
No known exploits
Timeline
PublishedApr 15
Latest updateMay 24
Description
Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. S…
CVSS vector
CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:NExploitability: 1.6 | Impact: 2.7
Affected Packages2 packages
Also affects: Debian Linux 8.0, 9.0, Fedora 32, 33
🔴Vulnerability Details
3GHSA▶
GHSA-cq4v-593f-gw93: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)↗2022-05-24
OSV▶
CVE-2020-2875: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)↗2020-04-15
CVEList▶
CVE-2020-2875: Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J)↗2020-04-15
📋Vendor Advisories
2💬Community
2Bugzilla▶
CVE-2020-2875 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delet↗2020-06-25
Bugzilla▶
CVE-2020-2875 mysql-connector-java: allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors which could result in unauthorized update, insert or delet↗2020-06-25