Vulnerability of the Server component: The Oracle MySQL Server database management system’s DML component, which is vulnerable due to insufficient input data validation. This allows attackers to cause system downtime or service failures.

🗓️ 14 Aug 2020 00:00:00Reported by FSTEC of Russia — Information Security Threat DatabaseType

bdu_fstec

bdu_fstec🔗 bdu.fstec.ru👁 1 Views

Oracle MySQL Server DML component has insufficient input validation, risking downtime via the network protocol.

Reporter	Title	Published	Views	Family All 147
Tenable Nessus	Alibaba Cloud Linux 3 : 0097: mysql:8.0 (ALINUX3-SA-2021:0097)	14 May 202500:00	–	nessus
Tenable Nessus	CentOS 8 : mysql:8.0 (CESA-2020:3732)	1 Feb 202100:00	–	nessus
Tenable Nessus	Fedora 32 : community-mysql (2020-9c27be9396)	14 Sep 202000:00	–	nessus
Tenable Nessus	Fedora 31 : community-mysql (2020-d5b2e71a17)	14 Sep 202000:00	–	nessus
Tenable Nessus	GLSA-202105-27 : MySQL: Multiple vulnerabilities	24 Jan 202200:00	–	nessus
Tenable Nessus	MiracleLinux 8 : mysql:8.0 (AXSA:2020-844:01)	20 Jan 202600:00	–	nessus
Tenable Nessus	MySQL 8.0.x < 8.0.21 Multiple Vulnerabilities (Jul 2020 CPU)	16 Jul 202000:00	–	nessus
Tenable Nessus	Oracle Linux 8 : mysql:8.0 (ELSA-2020-3732)	17 Sep 202000:00	–	nessus
Tenable Nessus	Photon OS 3.0: Mysql PHSA-2020-3.0-0118	29 Jul 202000:00	–	nessus
Tenable Nessus	RHEL 7 : rh-mysql80-mysql (RHSA-2020:3518)	23 Jan 202300:00	–	nessus

Vulners

Node

oracle mysql_serverRange≤5.6.48

OR

oracle mysql_serverRange≤5.7.30

OR

oracle mysql_serverRange≤8.0.20

Source	Link
oracle	www.oracle.com/security-alerts/cpujul2020.html
tenable	www.tenable.com/cve/CVE-2020-14575
cybersecurity-help	www.cybersecurity-help.cz/vdb/SB20200716100
web	www.web.nvd.nist.gov/view/vuln/detail

14 Aug 2020 00:00Current

6.4Medium risk

Vulners AI Score6.4

CVSS 34.9

CVSS 26.8

EPSS0.02344

Oracle database server input validation downtime risk network protocol data manipulation language