Lucene search

K
cvelistOracleCVELIST:CVE-2019-2822
HistoryJul 23, 2019 - 10:31 p.m.

CVE-2019-2822

2019-07-2322:31:48
oracle
www.cve.org
9
mysql server
unauthenticated attackers
compromise
takeover

AI Score

7.3

Confidence

High

EPSS

0.003

Percentile

69.3%

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell: Admin / InnoDB Cluster). Supported versions that are affected are 8.0.16 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

CNA Affected

[
  {
    "product": "MySQL Server",
    "vendor": "Oracle Corporation",
    "versions": [
      {
        "status": "affected",
        "version": "8.0.16 and prior"
      }
    ]
  }
]

AI Score

7.3

Confidence

High

EPSS

0.003

Percentile

69.3%