Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
| Version | Base score | Base severity | Vector |
|---|
| Hyperlink | Resource Type |
|---|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
| Type | CWE ID | Description |
|---|---|---|
| text | N/A | Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|---|
| http://www.oracle.com/technetwork/security-advisory/cpujul2019-5072835.html | x_refsource_MISC |
| https://usn.ubuntu.com/4070-1/ | vendor-advisory x_refsource_UBUNTU |
| https://seclists.org/bugtraq/2019/Aug/1 | mailing-list x_refsource_BUGTRAQ |
| http://packetstormsecurity.com/files/153862/Slackware-Security-Advisory-mariadb-Updates.html | x_refsource_MISC |
| https://usn.ubuntu.com/4070-2/ | vendor-advisory x_refsource_UBUNTU |
| https://usn.ubuntu.com/4070-3/ | vendor-advisory x_refsource_UBUNTU |
| https://access.redhat.com/errata/RHSA-2019:2484 | vendor-advisory x_refsource_REDHAT |
| https://access.redhat.com/errata/RHSA-2019:2511 | vendor-advisory x_refsource_REDHAT |
| https://support.f5.com/csp/article/K04831884 | x_refsource_CONFIRM |
| https://support.f5.com/csp/article/K04831884?utm_source=f5support&%3Butm_medium=RSS | x_refsource_CONFIRM |
| https://access.redhat.com/errata/RHSA-2019:3708 | vendor-advisory x_refsource_REDHAT |
| http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00037.html | vendor-advisory x_refsource_SUSE |
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Version | Base score | Base severity | Vector |
|---|
| CAPEC ID | Description |
|---|
| Event | Date |
|---|
| Hyperlink | Resource |
|---|
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Parser). Supported versions that are affected are 5.6.44 and prior, 5.7.26 and prior and 8.0.16 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).
| Date Added | Due Date | Vulnerability Name | Required Action |
|---|---|---|---|
| N/A |
| Type | Version | Base score | Base severity | Vector |
|---|---|---|---|---|
| Primary | 3.1 | 6.5 | MEDIUM | CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
| Primary | 2.0 | 4.0 | MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
| CWE ID | Type | Source |
|---|---|---|
| NVD-CWE-noinfo | Primary | nvd@nist.gov |