Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Performance Schema). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N).

Remediation

References

CVE-2018-2645

Related Vulnerabilities

WordPress Plugin Post Grid, List for WordPress-Content Views Cross-Site Scripting (1.9.0)

WordPress Plugin Easy Custom Sidebars Unspecified Vulnerability (1.0.1)

WordPress Plugin WooCommerce Email Test Information Disclosure (1.5)

Artifactory Weak Password Requirements Vulnerability (CVE-2019-17444)

MySQL CVE-2019-2950 Vulnerability (CVE-2019-2950)

Severity

Medium

Classification

CVE-2018-2645 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:N/A:N

Tags

Missing Update Known Vulnerabilities