Lucene search

K
ubuntucveUbuntu.comUB:CVE-2019-2914
HistoryOct 16, 2019 - 12:00 a.m.

CVE-2019-2914

2019-10-1600:00:00
ubuntu.com
ubuntu.com
20

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

48.2%

Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: Security: Encryption). Supported versions that are affected are
5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability
allows low privileged attacker with network access via multiple protocols
to compromise MySQL Server. Successful attacks of this vulnerability can
result in unauthorized ability to cause a hang or frequently repeatable
crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability
impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Bugs

Notes

Author Note
leosilva since 5.5 is no longer upstream supported and so far we cannot patch it marking as ignored.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchmysql-5.7< 5.7.28-0ubuntu0.18.04.4UNKNOWN
ubuntu19.04noarchmysql-5.7< 5.7.28-0ubuntu0.19.04.2UNKNOWN
ubuntu16.04noarchmysql-5.7< 5.7.28-0ubuntu0.16.04.2UNKNOWN
ubuntu19.10noarchmysql-8.0< 8.0.18-0ubuntu0.19.10.1UNKNOWN
ubuntu20.04noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
ubuntu20.10noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
ubuntu21.04noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
ubuntu21.10noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
ubuntu22.04noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
ubuntu22.10noarchmysql-8.0< 8.0.18-0ubuntu3UNKNOWN
Rows per page:
1-10 of 151

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

48.2%