Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-14539
HistoryJul 15, 2020 - 12:00 a.m.

CVE-2020-14539

2020-07-1500:00:00
ubuntu.com
ubuntu.com
18
oracle mysql server
vulnerability
dos

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.3%

Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: Optimizer). Supported versions that are affected are 5.6.48 and
prior, 5.7.30 and prior and 8.0.20 and prior. Easily exploitable
vulnerability allows low privileged attacker with network access via
multiple protocols to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized ability to cause a hang or
frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base
Score 6.5 (Availability impacts). CVSS Vector:
(CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Notes

Author Note
leosilva since 5.5 is no longer upstream supported and so far we cannot patch it, marking it as ignored.
OSVersionArchitecturePackageVersionFilename
ubuntu18.04noarchmysql-5.7< 5.7.31-0ubuntu0.18.04.1UNKNOWN
ubuntu16.04noarchmysql-5.7< 5.7.31-0ubuntu0.16.04.1UNKNOWN
ubuntu20.04noarchmysql-8.0< 8.0.21-0ubuntu0.20.04.3UNKNOWN
ubuntu20.10noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu21.04noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu21.10noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu22.04noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu22.10noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu23.04noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
ubuntu23.10noarchmysql-8.0< 8.0.21-0ubuntu3UNKNOWN
Rows per page:
1-10 of 131

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

47.3%