Vulnerabilities > CVE-2019-2513
Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Shell). Supported versions that are affected are 8.0.13 and prior. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:L/UI:R/S:C/C:L/I:N/A:N).
Vulnerable Configurations
Part | Description | Count |
---|---|---|
Application | 9 | |
Application | 9 |
Nessus
NASL family Databases NASL id MYSQL_8_0_14.NASL description The version of MySQL running on the remote host is 8.0.x prior to 8.0.14. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the last seen 2020-06-01 modified 2020-06-02 plugin id 121229 published 2019-01-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121229 title MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_D3D02D3A224211E9B95CB499BAEBFEAF.NASL description Oracle reports : Please reference CVE/URL list for details Not all listed CVE last seen 2020-03-18 modified 2019-01-28 plugin id 121406 published 2019-01-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121406 title FreeBSD : MySQL -- multiple vulnerabilities (d3d02d3a-2242-11e9-b95c-b499baebfeaf)
References
- http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
- http://www.securityfocus.com/bid/106622
- http://www.securityfocus.com/bid/106622
- https://security.netapp.com/advisory/ntap-20190118-0002/
- https://security.netapp.com/advisory/ntap-20190118-0002/