Lucene search

K
ubuntucveUbuntu.comUB:CVE-2020-2627
HistoryJan 15, 2020 - 12:00 a.m.

CVE-2020-2627

2020-01-1500:00:00
ubuntu.com
ubuntu.com
14
vulnerability
oracle mysql
server
compromise
crash
dos
cvss 3.0
availability

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

45.2%

Vulnerability in the MySQL Server product of Oracle MySQL (component:
Server: Parser). Supported versions that are affected are 8.0.18 and prior.
Easily exploitable vulnerability allows low privileged attacker with
network access via multiple protocols to compromise MySQL Server.
Successful attacks of this vulnerability can result in unauthorized ability
to cause a hang or frequently repeatable crash (complete DOS) of MySQL
Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Notes

Author Note
leosilva since 5.5 is no longer upstream supported and so far we cannot patch it, marking it as ignored.
mdeslaur 8.0.x only
OSVersionArchitecturePackageVersionFilename
ubuntu19.10noarchmysql-8.0< 8.0.19-0ubuntu0.19.10.3UNKNOWN
ubuntu20.04noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu20.10noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu21.04noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu21.10noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu22.04noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu22.10noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu23.04noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu23.10noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
ubuntu24.04noarchmysql-8.0< 8.0.19-0ubuntu2UNKNOWN
Rows per page:
1-10 of 121

CVSS2

4

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

CVSS3

6.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

EPSS

0.001

Percentile

45.2%