ID CVE-2020-2570
Summary Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:-:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:-:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:community:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:community:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.25:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.25:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.7.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.7.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:8.0.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:8.0.17:*:*:*:*:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
  • cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
    cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
CVSS
Base: 4.3 (as of 30-12-2021 - 13:55)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM NONE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:N/C:N/I:N/A:P
redhat via4
rpms
  • rh-mysql80-mysql-0:8.0.21-1.el7
  • rh-mysql80-mysql-common-0:8.0.21-1.el7
  • rh-mysql80-mysql-config-0:8.0.21-1.el7
  • rh-mysql80-mysql-config-syspaths-0:8.0.21-1.el7
  • rh-mysql80-mysql-debuginfo-0:8.0.21-1.el7
  • rh-mysql80-mysql-devel-0:8.0.21-1.el7
  • rh-mysql80-mysql-errmsg-0:8.0.21-1.el7
  • rh-mysql80-mysql-server-0:8.0.21-1.el7
  • rh-mysql80-mysql-server-syspaths-0:8.0.21-1.el7
  • rh-mysql80-mysql-syspaths-0:8.0.21-1.el7
  • rh-mysql80-mysql-test-0:8.0.21-1.el7
  • mecab-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debuginfo-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debugsource-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-ipadic-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mecab-ipadic-EUCJP-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mysql-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-common-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-debuginfo-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-debugsource-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-devel-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-devel-debuginfo-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-errmsg-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-libs-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-libs-debuginfo-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-server-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-server-debuginfo-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-test-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mysql-test-debuginfo-0:8.0.21-1.module+el8.2.0+7855+47abd494
  • mecab-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debuginfo-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debugsource-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-ipadic-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mecab-ipadic-EUCJP-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mysql-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-common-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-debuginfo-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-debugsource-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-devel-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-devel-debuginfo-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-errmsg-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-libs-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-libs-debuginfo-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-server-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-server-debuginfo-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-test-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mysql-test-debuginfo-0:8.0.21-1.module+el8.0.0+7853+3a2b0b25
  • mecab-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debuginfo-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-debugsource-0:0.996-1.module+el8.0.0+3898+e09bb8de.9
  • mecab-ipadic-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mecab-ipadic-EUCJP-0:2.7.0.20070801-16.module+el8.0.0+3898+e09bb8de
  • mysql-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-common-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-debuginfo-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-debugsource-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-devel-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-devel-debuginfo-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-errmsg-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-libs-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-libs-debuginfo-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-server-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-server-debuginfo-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-test-0:8.0.21-1.module+el8.1.0+7854+62e1520f
  • mysql-test-debuginfo-0:8.0.21-1.module+el8.1.0+7854+62e1520f
refmap via4
misc https://www.oracle.com/security-alerts/cpujan2020.html
ubuntu USN-4250-1
Last major update 30-12-2021 - 13:55
Published 15-01-2020 - 17:15
Last modified 30-12-2021 - 13:55
Back to Top