Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 8.0.15 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Remediation

References

CVE-2019-2625

Related Vulnerabilities

ownCloud Improper Neutralization of Special Elements used in an OS Command ('OS Command Injection') Vulnerability (CVE-2015-7698)

Joomla Improper Input Validation Vulnerability (CVE-2011-2892)

Jboss EAP Deserialization of Untrusted Data Vulnerability (CVE-2021-4104)

Oracle Database Server CVE-2011-2257 Vulnerability (CVE-2011-2257)

Apache Tomcat Numeric Errors Vulnerability (CVE-2014-0099)

Severity

Medium

Classification

CVE-2019-2625 CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities