Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2019-2435

Опубликовано: 16 янв. 2019
Источник: nvd
CVSS3: 8.1
CVSS2: 5.8
EPSS Низкий

Описание

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
Версия от 2.1.0 (включая) до 2.1.8 (включая)
cpe:2.3:a:oracle:mysql_connectors:*:*:*:*:*:*:*:*
Версия от 8.0.0 (включая) до 8.0.13 (включая)
Конфигурация 2

Одно из

cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
Версия от 7.3 (включая)
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vsphere:*:*
Версия от 9.5 (включая)
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

EPSS

Процентиль: 86%
0.02728
Низкий

8.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo

Связанные уязвимости

ubuntu логотип

CVE-2019-2435

CVSS3: 8.1
ubuntu
около 7 лет назад

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via TLS to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Connectors accessible data as well as unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).

debian логотип

CVE-2019-2435

CVSS3: 8.1
debian
около 7 лет назад

Vulnerability in the MySQL Connectors component of Oracle MySQL (subco ...

suse-cvrf логотип

openSUSE-SU-2020:0409-1

suse-cvrf
почти 6 лет назад

Security update for python-mysql-connector-python

github логотип

GHSA-v5rq-w2xm-7g5f

CVSS3: 8.1
github
больше 3 лет назад

Improper Access Control in MySQL Connector Python

fstec логотип

BDU:2019-00295

CVSS3: 8.1
fstec
около 7 лет назад

Уязвимость подкомпонента Connector/Python компонента MySQL Connectors системы управления базами данных MySQL, позволяющая нарушителю получить несанкционированный доступ к защищаемым данным

EPSS

Процентиль: 86%
0.02728
Низкий

8.1 High

CVSS3

5.8 Medium

CVSS2

Дефекты

NVD-CWE-noinfo