Description
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
Remediation
References
Related Vulnerabilities
Nginx Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2019-9511)
Joomla! Core 3.x.x Security Bypass (3.0.0 - 3.9.23)
Mailman Other Vulnerability (CVE-2001-0884)
MediaWiki Permissions, Privileges, and Access Controls Vulnerability (CVE-2013-2032)
WordPress Plugin Print Invoice & Delivery Notes for WooCommerce Cross-Site Request Forgery (4.7.2)