Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 5.7.31 and prior and 8.0.21 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).

Remediation

References

CVE-2020-14771

Related Vulnerabilities

WordPress Plugin Widgets for SiteOrigin Unspecified Vulnerability (1.4.4)

WordPress Plugin Post Custom Templates Lite Cross-Site Scripting (1.6)

Magento Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-8131)

Atlassian Confluence CVE-2023-22503 Vulnerability (CVE-2023-22503)

MySQL Resource Management Errors Vulnerability (CVE-2010-3837)

Severity

Low

Classification

CVE-2020-14771 CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L CVSS:4.0/AV:N/AC:H/AT:N/PR:H/UI:N/VC:N/VI:N/VA:L/SC:N/SI:N/SA:N

Tags

Missing Update Known Vulnerabilities