Acunetix DAST powers runtime capabilities for Invicti’s complete AppSec platform. Visit Invicti for more.

WEB APPLICATION VULNERABILITIES Standard & Premium

MySQL CVE-2019-2911 Vulnerability (CVE-2019-2911)

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

Remediation

References

Related Vulnerabilities

ReviveAdserver URL Redirection to Untrusted Site ('Open Redirect') Vulnerability (CVE-2019-5433)

WordPress Plugin Image Gallery-Responsive Photo Gallery Multiple Unspecified Vulnerabilities (1.9.58)

WordPress Plugin Formidable-Clockwork SMS Cross-Site Scripting (1.0.3)

WordPress Plugin MegaOptim Image Optimizer Unspecified Vulnerability (1.3.2)

WordPress Server-Side Request Forgery (SSRF) Vulnerability (CVE-2019-17669)

Severity

Low

Classification

CVE-2019-2911 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N

Tags

Missing Update Known Vulnerabilities