CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
82.5%
The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the RLSA-2020:3732 advisory.
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663, CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853, CVE-2020-14586, CVE-2020-14702)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968, CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893, CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)
* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759, CVE-2020-2763, CVE-2020-14567)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967, CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923, CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614, CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)
* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)
* mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930, CVE-2020-14619)
* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540, CVE-2020-14575, CVE-2020-14620)
* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550, CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559, CVE-2020-2694)
* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
* mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)
* mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)
* mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)
* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
* mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643, CVE-2020-14651)
* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#%NASL_MIN_LEVEL 80900
##
# (C) Tenable, Inc.
#
# The package checks in this plugin were extracted from
# Rocky Linux Security Advisory RLSA-2020:3732.
##
include('compat.inc');
if (description)
{
script_id(184570);
script_version("1.2");
script_set_attribute(attribute:"plugin_modification_date", value:"2024/07/10");
script_cve_id(
"CVE-2019-2911",
"CVE-2019-2914",
"CVE-2019-2938",
"CVE-2019-2946",
"CVE-2019-2957",
"CVE-2019-2960",
"CVE-2019-2963",
"CVE-2019-2966",
"CVE-2019-2967",
"CVE-2019-2968",
"CVE-2019-2974",
"CVE-2019-2982",
"CVE-2019-2991",
"CVE-2019-2993",
"CVE-2019-2997",
"CVE-2019-2998",
"CVE-2019-3004",
"CVE-2019-3009",
"CVE-2019-3011",
"CVE-2019-3018",
"CVE-2020-2570",
"CVE-2020-2573",
"CVE-2020-2574",
"CVE-2020-2577",
"CVE-2020-2579",
"CVE-2020-2580",
"CVE-2020-2584",
"CVE-2020-2588",
"CVE-2020-2589",
"CVE-2020-2627",
"CVE-2020-2660",
"CVE-2020-2679",
"CVE-2020-2686",
"CVE-2020-2694",
"CVE-2020-2752",
"CVE-2020-2759",
"CVE-2020-2760",
"CVE-2020-2761",
"CVE-2020-2762",
"CVE-2020-2763",
"CVE-2020-2765",
"CVE-2020-2770",
"CVE-2020-2774",
"CVE-2020-2779",
"CVE-2020-2780",
"CVE-2020-2804",
"CVE-2020-2812",
"CVE-2020-2814",
"CVE-2020-2853",
"CVE-2020-2892",
"CVE-2020-2893",
"CVE-2020-2895",
"CVE-2020-2896",
"CVE-2020-2897",
"CVE-2020-2898",
"CVE-2020-2901",
"CVE-2020-2903",
"CVE-2020-2904",
"CVE-2020-2921",
"CVE-2020-2922",
"CVE-2020-2923",
"CVE-2020-2924",
"CVE-2020-2925",
"CVE-2020-2926",
"CVE-2020-2928",
"CVE-2020-2930",
"CVE-2020-14539",
"CVE-2020-14540",
"CVE-2020-14547",
"CVE-2020-14550",
"CVE-2020-14553",
"CVE-2020-14559",
"CVE-2020-14567",
"CVE-2020-14568",
"CVE-2020-14575",
"CVE-2020-14576",
"CVE-2020-14586",
"CVE-2020-14597",
"CVE-2020-14614",
"CVE-2020-14619",
"CVE-2020-14620",
"CVE-2020-14623",
"CVE-2020-14624",
"CVE-2020-14631",
"CVE-2020-14632",
"CVE-2020-14633",
"CVE-2020-14634",
"CVE-2020-14641",
"CVE-2020-14643",
"CVE-2020-14651",
"CVE-2020-14654",
"CVE-2020-14656",
"CVE-2020-14663",
"CVE-2020-14678",
"CVE-2020-14680",
"CVE-2020-14697",
"CVE-2020-14702",
"CVE-2020-14725",
"CVE-2020-14799",
"CVE-2021-1998",
"CVE-2021-2006",
"CVE-2021-2007",
"CVE-2021-2009",
"CVE-2021-2012",
"CVE-2021-2016",
"CVE-2021-2019",
"CVE-2021-2020",
"CVE-2021-2144",
"CVE-2021-2160"
);
script_xref(name:"IAVA", value:"2019-A-0383-S");
script_xref(name:"IAVA", value:"2020-A-0021-S");
script_xref(name:"IAVA", value:"2020-A-0143-S");
script_xref(name:"IAVA", value:"2020-A-0321-S");
script_xref(name:"IAVA", value:"2020-A-0473-S");
script_xref(name:"IAVA", value:"2021-A-0038-S");
script_xref(name:"IAVA", value:"2021-A-0193-S");
script_xref(name:"RLSA", value:"2020:3732");
script_xref(name:"CEA-ID", value:"CEA-2021-0025");
script_xref(name:"CEA-ID", value:"CEA-2021-0004");
script_name(english:"Rocky Linux 8 : mysql:8.0 (RLSA-2020:3732)");
script_set_attribute(attribute:"synopsis", value:
"The remote Rocky Linux host is missing one or more security updates.");
script_set_attribute(attribute:"description", value:
"The remote Rocky Linux 8 host has packages installed that are affected by multiple vulnerabilities as referenced in the
RLSA-2020:3732 advisory.
* mysql: Server: Security: Privileges multiple unspecified vulnerabilities (CVE-2020-14663,
CVE-2020-14678, CVE-2020-14697, CVE-2020-2761, CVE-2020-2774, CVE-2020-2779, CVE-2020-2853,
CVE-2020-14586, CVE-2020-14702)
* mysql: Server: Security: Encryption multiple unspecified vulnerabilities (CVE-2019-2914, CVE-2019-2957)
* mysql: InnoDB multiple unspecified vulnerabilities (CVE-2019-2938, CVE-2019-2963, CVE-2019-2968,
CVE-2019-3018, CVE-2020-2577, CVE-2020-2589, CVE-2020-2760, CVE-2020-2762, CVE-2020-2814, CVE-2020-2893,
CVE-2020-2895, CVE-2020-14568, CVE-2020-14623, CVE-2020-14633, CVE-2020-14634)
* mysql: Server: PS multiple unspecified vulnerabilities (CVE-2019-2946, CVE-2020-2925)
* mysql: Server: Replication multiple unspecified vulnerabilities (CVE-2019-2960, CVE-2020-2759,
CVE-2020-2763, CVE-2020-14567)
* mysql: Server: Optimizer multiple unspecified vulnerabilities (CVE-2019-2966, CVE-2019-2967,
CVE-2019-2974, CVE-2019-2982, CVE-2019-2991, CVE-2019-2998, CVE-2020-2579, CVE-2020-2660, CVE-2020-2679,
CVE-2020-2686, CVE-2020-2765, CVE-2020-2892, CVE-2020-2897, CVE-2020-2901, CVE-2020-2904, CVE-2020-2923,
CVE-2020-2924, CVE-2020-2928, CVE-2020-14539, CVE-2020-14547, CVE-2020-14597, CVE-2020-14614,
CVE-2020-14654, CVE-2020-14680, CVE-2020-14725)
* mysql: Server: C API multiple unspecified vulnerabilities (CVE-2019-2993, CVE-2019-3011)
* mysql: Server: DDL multiple unspecified vulnerabilities (CVE-2019-2997, CVE-2020-2580)
* mysql: Server: Parser multiple unspecified vulnerabilities (CVE-2019-3004, CVE-2020-2627, CVE-2020-2930,
CVE-2020-14619)
* mysql: Server: Connection unspecified vulnerability (CVE-2019-3009)
* mysql: Server: Options multiple unspecified vulnerabilities (CVE-2020-2584, CVE-2020-14632)
* mysql: Server: DML multiple unspecified vulnerabilities (CVE-2020-2588, CVE-2020-2780, CVE-2020-14540,
CVE-2020-14575, CVE-2020-14620)
* mysql: C API multiple unspecified vulnerabilities (CVE-2020-2752, CVE-2020-2922, CVE-2020-14550,
CVE-2020-2570, CVE-2020-2573, CVE-2020-2574)
* mysql: Server: Logging unspecified vulnerability (CVE-2020-2770)
* mysql: Server: Memcached unspecified vulnerability (CVE-2020-2804)
* mysql: Server: Stored Procedure unspecified vulnerability (CVE-2020-2812)
* mysql: Server: Information Schema multiple unspecified vulnerabilities (CVE-2020-2896, CVE-2020-14559,
CVE-2020-2694)
* mysql: Server: Charsets unspecified vulnerability (CVE-2020-2898)
* mysql: Server: Connection Handling unspecified vulnerability (CVE-2020-2903)
* mysql: Server: Group Replication Plugin unspecified vulnerability (CVE-2020-2921)
* mysql: Server: Group Replication GCS unspecified vulnerability (CVE-2020-2926)
* mysql: Server: Pluggable Auth unspecified vulnerability (CVE-2020-14553)
* mysql: Server: UDF unspecified vulnerability (CVE-2020-14576)
* mysql: Server: JSON unspecified vulnerability (CVE-2020-14624)
* mysql: Server: Security: Audit unspecified vulnerability (CVE-2020-14631)
* mysql: Server: Security: Roles multiple unspecified vulnerabilities (CVE-2020-14641, CVE-2020-14643,
CVE-2020-14651)
* mysql: Server: Locking unspecified vulnerability (CVE-2020-14656)
* mysql: Information Schema unspecified vulnerability (CVE-2019-2911)
Tenable has extracted the preceding description block directly from the Rocky Linux security advisory.
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
script_set_attribute(attribute:"see_also", value:"https://errata.rockylinux.org/RLSA-2020:3732");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764675");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764676");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764680");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764681");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764684");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764685");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764686");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764687");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764688");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764689");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764691");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764692");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764693");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764694");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764695");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764696");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764698");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764699");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764700");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1764701");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796880");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796881");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796882");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796883");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796884");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796885");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796886");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796887");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796888");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796889");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1796905");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1798559");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1798576");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1798587");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830048");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830049");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830050");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830051");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830052");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830053");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830054");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830055");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830056");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830058");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830059");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830060");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830061");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830062");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830064");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830066");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830067");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830068");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830069");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830070");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830071");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830072");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830073");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830074");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830075");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830076");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830077");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830078");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830079");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1830082");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1835849");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1835850");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865945");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865947");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865948");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865949");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865950");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865951");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865952");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865953");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865954");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865955");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865956");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865958");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865959");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865960");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865961");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865962");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865963");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865964");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865965");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865966");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865967");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865968");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865969");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865970");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865971");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865972");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865973");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865974");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865975");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865976");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865977");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1865982");
script_set_attribute(attribute:"see_also", value:"https://bugzilla.redhat.com/show_bug.cgi?id=1874040");
script_set_attribute(attribute:"solution", value:
"Update the affected packages.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2021-2144");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"vuln_publication_date", value:"2019/10/15");
script_set_attribute(attribute:"patch_publication_date", value:"2020/09/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2023/11/06");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-ipadic");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mecab-ipadic-EUCJP");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-common");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-debugsource");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-devel");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-devel-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-errmsg");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-libs");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-libs-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-server");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-server-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-test");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:rocky:linux:mysql-test-debuginfo");
script_set_attribute(attribute:"cpe", value:"cpe:/o:rocky:linux:8");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Rocky Linux Local Security Checks");
script_copyright(english:"This script is Copyright (C) 2023-2024 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/RockyLinux/release", "Host/RockyLinux/rpm-list", "Host/cpu");
exit(0);
}
include('rpm.inc');
if (!get_kb_item('Host/local_checks_enabled')) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
var os_release = get_kb_item('Host/RockyLinux/release');
if (isnull(os_release) || 'Rocky Linux' >!< os_release) audit(AUDIT_OS_NOT, 'Rocky Linux');
var os_ver = pregmatch(pattern: "Rocky(?: Linux)? release ([0-9]+(\.[0-9]+)?)", string:os_release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, 'Rocky Linux');
os_ver = os_ver[1];
if (! preg(pattern:"^8([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, 'Rocky Linux 8.x', 'Rocky Linux ' + os_ver);
if (!get_kb_item('Host/RockyLinux/rpm-list')) audit(AUDIT_PACKAGE_LIST_MISSING);
var cpu = get_kb_item('Host/cpu');
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ('x86_64' >!< cpu && cpu !~ "^i[3-6]86$" && 's390' >!< cpu && 'aarch64' >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Rocky Linux', cpu);
var module_ver = get_kb_item('Host/RockyLinux/appstream/mysql');
if (isnull(module_ver)) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if ('8.0' >!< module_ver) audit(AUDIT_PACKAGE_NOT_AFFECTED, 'Module mysql:' + module_ver);
var appstreams = {
'mysql:8.0': [
{'reference':'mecab-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debuginfo-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debuginfo-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debugsource-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-debugsource-0.996-1.module+el8.3.0+242+87d3366a.9', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mecab-ipadic-EUCJP-2.7.0.20070801-16.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-common-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debugsource-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-debugsource-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-devel-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-errmsg-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-libs-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-server-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'aarch64', 'release':'8', 'rpm_spec_vers_cmp':TRUE},
{'reference':'mysql-test-debuginfo-8.0.21-1.module+el8.3.0+242+87d3366a', 'cpu':'x86_64', 'release':'8', 'rpm_spec_vers_cmp':TRUE}
]
};
var flag = 0;
var appstreams_found = 0;
foreach var module (keys(appstreams)) {
var appstream = NULL;
var appstream_name = NULL;
var appstream_version = NULL;
var appstream_split = split(module, sep:':', keep:FALSE);
if (!empty_or_null(appstream_split)) {
appstream_name = appstream_split[0];
appstream_version = appstream_split[1];
if (!empty_or_null(appstream_name)) appstream = get_one_kb_item('Host/RockyLinux/appstream/' + appstream_name);
}
if (!empty_or_null(appstream) && appstream_version == appstream || appstream_name == 'all') {
appstreams_found++;
foreach var package_array ( appstreams[module] ) {
var reference = NULL;
var _release = NULL;
var sp = NULL;
var _cpu = NULL;
var el_string = NULL;
var rpm_spec_vers_cmp = NULL;
var epoch = NULL;
var allowmaj = NULL;
var exists_check = NULL;
if (!empty_or_null(package_array['reference'])) reference = package_array['reference'];
if (!empty_or_null(package_array['release'])) _release = 'Rocky-' + package_array['release'];
if (!empty_or_null(package_array['sp'])) sp = package_array['sp'];
if (!empty_or_null(package_array['cpu'])) _cpu = package_array['cpu'];
if (!empty_or_null(package_array['el_string'])) el_string = package_array['el_string'];
if (!empty_or_null(package_array['rpm_spec_vers_cmp'])) rpm_spec_vers_cmp = package_array['rpm_spec_vers_cmp'];
if (!empty_or_null(package_array['epoch'])) epoch = package_array['epoch'];
if (!empty_or_null(package_array['allowmaj'])) allowmaj = package_array['allowmaj'];
if (!empty_or_null(package_array['exists_check'])) exists_check = package_array['exists_check'];
if (reference && _release && (!exists_check || rpm_exists(release:_release, rpm:exists_check))) {
if (rpm_check(release:_release, sp:sp, cpu:_cpu, reference:reference, epoch:epoch, el_string:el_string, rpm_spec_vers_cmp:rpm_spec_vers_cmp, allowmaj:allowmaj)) flag++;
}
}
}
}
if (!appstreams_found) audit(AUDIT_PACKAGE_NOT_INSTALLED, 'Module mysql:8.0');
if (flag)
{
security_report_v4(
port : 0,
severity : SECURITY_WARNING,
extra : rpm_report_get()
);
exit(0);
}
else
{
var tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'mecab / mecab-debuginfo / mecab-debugsource / mecab-ipadic / etc');
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2911
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2914
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2938
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2946
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2957
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2960
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2963
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2966
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2967
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2968
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2982
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2991
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2993
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2997
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-2998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3004
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3011
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-3018
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14539
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14540
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14550
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14553
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14559
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14567
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14568
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14575
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14576
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14586
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14597
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14614
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14619
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14620
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14623
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14624
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14631
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14632
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14633
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14634
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14643
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14678
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14680
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14697
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14725
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-14799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2570
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2580
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2588
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2589
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2627
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2679
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2686
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2694
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2752
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2759
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2760
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2761
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2762
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2763
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2765
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2770
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2774
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2779
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2780
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2804
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2812
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2892
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2893
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2895
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2896
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2897
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2898
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2901
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2903
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2904
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2921
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2922
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2923
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2924
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2925
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2926
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2928
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2930
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-1998
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2006
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2007
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2009
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2012
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2016
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2019
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2020
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2144
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-2160
bugzilla.redhat.com/show_bug.cgi?id=1764675
bugzilla.redhat.com/show_bug.cgi?id=1764676
bugzilla.redhat.com/show_bug.cgi?id=1764680
bugzilla.redhat.com/show_bug.cgi?id=1764681
bugzilla.redhat.com/show_bug.cgi?id=1764684
bugzilla.redhat.com/show_bug.cgi?id=1764685
bugzilla.redhat.com/show_bug.cgi?id=1764686
bugzilla.redhat.com/show_bug.cgi?id=1764687
bugzilla.redhat.com/show_bug.cgi?id=1764688
bugzilla.redhat.com/show_bug.cgi?id=1764689
bugzilla.redhat.com/show_bug.cgi?id=1764691
bugzilla.redhat.com/show_bug.cgi?id=1764692
bugzilla.redhat.com/show_bug.cgi?id=1764693
bugzilla.redhat.com/show_bug.cgi?id=1764694
bugzilla.redhat.com/show_bug.cgi?id=1764695
bugzilla.redhat.com/show_bug.cgi?id=1764696
bugzilla.redhat.com/show_bug.cgi?id=1764698
bugzilla.redhat.com/show_bug.cgi?id=1764699
bugzilla.redhat.com/show_bug.cgi?id=1764700
bugzilla.redhat.com/show_bug.cgi?id=1764701
bugzilla.redhat.com/show_bug.cgi?id=1796880
bugzilla.redhat.com/show_bug.cgi?id=1796881
bugzilla.redhat.com/show_bug.cgi?id=1796882
bugzilla.redhat.com/show_bug.cgi?id=1796883
bugzilla.redhat.com/show_bug.cgi?id=1796884
bugzilla.redhat.com/show_bug.cgi?id=1796885
bugzilla.redhat.com/show_bug.cgi?id=1796886
bugzilla.redhat.com/show_bug.cgi?id=1796887
bugzilla.redhat.com/show_bug.cgi?id=1796888
bugzilla.redhat.com/show_bug.cgi?id=1796889
bugzilla.redhat.com/show_bug.cgi?id=1796905
bugzilla.redhat.com/show_bug.cgi?id=1798559
bugzilla.redhat.com/show_bug.cgi?id=1798576
bugzilla.redhat.com/show_bug.cgi?id=1798587
bugzilla.redhat.com/show_bug.cgi?id=1830048
bugzilla.redhat.com/show_bug.cgi?id=1830049
bugzilla.redhat.com/show_bug.cgi?id=1830050
bugzilla.redhat.com/show_bug.cgi?id=1830051
bugzilla.redhat.com/show_bug.cgi?id=1830052
bugzilla.redhat.com/show_bug.cgi?id=1830053
bugzilla.redhat.com/show_bug.cgi?id=1830054
bugzilla.redhat.com/show_bug.cgi?id=1830055
bugzilla.redhat.com/show_bug.cgi?id=1830056
bugzilla.redhat.com/show_bug.cgi?id=1830058
bugzilla.redhat.com/show_bug.cgi?id=1830059
bugzilla.redhat.com/show_bug.cgi?id=1830060
bugzilla.redhat.com/show_bug.cgi?id=1830061
bugzilla.redhat.com/show_bug.cgi?id=1830062
bugzilla.redhat.com/show_bug.cgi?id=1830064
bugzilla.redhat.com/show_bug.cgi?id=1830066
bugzilla.redhat.com/show_bug.cgi?id=1830067
bugzilla.redhat.com/show_bug.cgi?id=1830068
bugzilla.redhat.com/show_bug.cgi?id=1830069
bugzilla.redhat.com/show_bug.cgi?id=1830070
bugzilla.redhat.com/show_bug.cgi?id=1830071
bugzilla.redhat.com/show_bug.cgi?id=1830072
bugzilla.redhat.com/show_bug.cgi?id=1830073
bugzilla.redhat.com/show_bug.cgi?id=1830074
bugzilla.redhat.com/show_bug.cgi?id=1830075
bugzilla.redhat.com/show_bug.cgi?id=1830076
bugzilla.redhat.com/show_bug.cgi?id=1830077
bugzilla.redhat.com/show_bug.cgi?id=1830078
bugzilla.redhat.com/show_bug.cgi?id=1830079
bugzilla.redhat.com/show_bug.cgi?id=1830082
bugzilla.redhat.com/show_bug.cgi?id=1835849
bugzilla.redhat.com/show_bug.cgi?id=1835850
bugzilla.redhat.com/show_bug.cgi?id=1865945
bugzilla.redhat.com/show_bug.cgi?id=1865947
bugzilla.redhat.com/show_bug.cgi?id=1865948
bugzilla.redhat.com/show_bug.cgi?id=1865949
bugzilla.redhat.com/show_bug.cgi?id=1865950
bugzilla.redhat.com/show_bug.cgi?id=1865951
bugzilla.redhat.com/show_bug.cgi?id=1865952
bugzilla.redhat.com/show_bug.cgi?id=1865953
bugzilla.redhat.com/show_bug.cgi?id=1865954
bugzilla.redhat.com/show_bug.cgi?id=1865955
bugzilla.redhat.com/show_bug.cgi?id=1865956
bugzilla.redhat.com/show_bug.cgi?id=1865958
bugzilla.redhat.com/show_bug.cgi?id=1865959
bugzilla.redhat.com/show_bug.cgi?id=1865960
bugzilla.redhat.com/show_bug.cgi?id=1865961
bugzilla.redhat.com/show_bug.cgi?id=1865962
bugzilla.redhat.com/show_bug.cgi?id=1865963
bugzilla.redhat.com/show_bug.cgi?id=1865964
bugzilla.redhat.com/show_bug.cgi?id=1865965
bugzilla.redhat.com/show_bug.cgi?id=1865966
bugzilla.redhat.com/show_bug.cgi?id=1865967
bugzilla.redhat.com/show_bug.cgi?id=1865968
bugzilla.redhat.com/show_bug.cgi?id=1865969
bugzilla.redhat.com/show_bug.cgi?id=1865970
bugzilla.redhat.com/show_bug.cgi?id=1865971
bugzilla.redhat.com/show_bug.cgi?id=1865972
bugzilla.redhat.com/show_bug.cgi?id=1865973
bugzilla.redhat.com/show_bug.cgi?id=1865974
bugzilla.redhat.com/show_bug.cgi?id=1865975
bugzilla.redhat.com/show_bug.cgi?id=1865976
bugzilla.redhat.com/show_bug.cgi?id=1865977
bugzilla.redhat.com/show_bug.cgi?id=1865982
bugzilla.redhat.com/show_bug.cgi?id=1874040
errata.rockylinux.org/RLSA-2020:3732
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
HIGH
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
AI Score
Confidence
High
EPSS
Percentile
82.5%