6.5 Medium
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H
Oracle MySQL is an open source relational database management system from Oracle Corporation. MySQL Server is one of the database server components. Oracle MySQL 8.0.28 and prior versions contain an input validation error vulnerability that originates from a highly privileged attacker who allows network access via multiple protocols to The vulnerability can be exploited to compromise MySQL Server. An attacker can use the vulnerability to gain unauthorized creation, deletion, or modification access to all MySQL Server accessible data, as well as crash the MySQL Server service.
CPE | Name | Operator | Version |
---|---|---|---|
oracle mysql | le | 8.0.28 |