CVE-2019-2503

CVSS v3.1 6.4 (Medium)

CVSS v2.0 3.8 (Low)

EPSS 0.12 % (46^th)

Affected Products 13

Advisories 17

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Connection Handling). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.4 (Confidentiality and Availability impacts). CVSS Vector: (CVSS:3.0/AV:A/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:H).

Weaknesses

CWE-NVD-noinfo

Related CVEs

CVE-2020-28912

CVE Status: PUBLISHED
CNA: Oracle
Published Date: 2019-01-16 19:30:34
(5 years ago)
Updated Date: 2022-08-04 19:53:20
(2 years ago)

Affected Products

Canonical

Ubuntu Linux

Mariadb

Mariadb

Netapp

Oracle

Mysql

Redhat

Configuration #1

	CPE23	From	Up To
Oracle Mysql from 5.6.0 version and 5.6.42 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.6.0	<= 5.6.42
Oracle Mysql from 5.7.0 version and 5.7.24 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.7.0	<= 5.7.24
Oracle Mysql from 8.0.0 version and 8.0.13 and prior versions	cpe:2.3:a:oracle:mysql	>= 8.0.0	<= 8.0.13

Configuration #2

	CPE23	From	Up To
Mariadb from 5.5.0 version and prior 5.5.62 version	cpe:2.3:a:mariadb:mariadb	>= 5.5.0	< 5.5.62
Mariadb from 10.0.0 version and prior 10.0.37 version	cpe:2.3:a:mariadb:mariadb	>= 10.0.0	< 10.0.37
Mariadb from 10.1.0 version and prior 10.1.36 version	cpe:2.3:a:mariadb:mariadb	>= 10.1.0	< 10.1.36
Mariadb from 10.2.0 version and prior 10.2.18 version	cpe:2.3:a:mariadb:mariadb	>= 10.2.0	< 10.2.18
Mariadb from 10.3.0 version and prior 10.3.10 version	cpe:2.3:a:mariadb:mariadb	>= 10.3.0	< 10.3.10

Configuration #3

	CPE23	From
Netapp Active Iq Unified Manager for Windows from 7.3 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows	>= 7.3
Netapp Active Iq Unified Manager for Vmware Vsphere from 9.5 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere	>= 9.5
Netapp Oncommand Insight	cpe:2.3:a:netapp:oncommand_insight:-
Netapp Oncommand Workflow Automation	cpe:2.3:a:netapp:oncommand_workflow_automation:-
Netapp Snapcenter	cpe:2.3:a:netapp:snapcenter:-

Configuration #4

		CPE23	From	Up To
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:esm
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts
	Canonical Ubuntu Linux 18.10	cpe:2.3:o:canonical:ubuntu_linux:18.10

Configuration #5

		CPE23	From	Up To
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Desktop 8.0	cpe:2.3:o:redhat:enterprise_linux_desktop:8.0
	Redhat Enterprise Linux Eus 8.1	cpe:2.3:o:redhat:enterprise_linux_eus:8.1
	Redhat Enterprise Linux Eus 8.2	cpe:2.3:o:redhat:enterprise_linux_eus:8.2
	Redhat Enterprise Linux Eus 8.4	cpe:2.3:o:redhat:enterprise_linux_eus:8.4
	Redhat Enterprise Linux Eus 8.6	cpe:2.3:o:redhat:enterprise_linux_eus:8.6
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server 8.0	cpe:2.3:o:redhat:enterprise_linux_server:8.0
	Redhat Enterprise Linux Server Aus 8.2	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.2
	Redhat Enterprise Linux Server Aus 8.4	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.4
	Redhat Enterprise Linux Server Aus 8.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:8.6
	Redhat Enterprise Linux Server Tus 8.2	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.2
	Redhat Enterprise Linux Server Tus 8.4	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.4
	Redhat Enterprise Linux Server Tus 8.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:8.6
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0
	Redhat Enterprise Linux Workstation 8.0	cpe:2.3:o:redhat:enterprise_linux_workstation:8.0