CVE-2020-2752

LOW

Description

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.47 and prior, 5.7.27 and prior and 8.0.17 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).

References

http://lists.opensuse.org/opensuse-security-announce/2020-06/msg00054.html

https://lists.fedoraproject.org/archives/list/[email protected]/message/UW2ED32VEUHXFN2J3YQE27JIBV4SC2PI/

https://security.netapp.com/advisory/ntap-20200416-0003/

https://www.oracle.com/security-alerts/cpuapr2020.html

Details

Source: MITRE

Published: 2020-04-15

Updated: 2020-06-26

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3.0

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1.6

Severity: MEDIUM

Tenable Plugins

View all (24 total)

ID	Name	Product	Family	Severity
141723	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20201001)	Nessus	Scientific Linux Local Security Checks	medium
141610	CentOS 7 : mariadb (CESA-2020:4026)	Nessus	CentOS Local Security Checks	medium
141035	RHEL 7 : mariadb (RHSA-2020:4026)	Nessus	Red Hat Local Security Checks	medium
140614	Oracle Linux 8 : mysql:8.0 (ELSA-2020-3732)	Nessus	Oracle Linux Local Security Checks	medium
140599	RHEL 8 : mysql:8.0 (RHSA-2020:3757)	Nessus	Red Hat Local Security Checks	medium
140598	RHEL 8 : mysql:8.0 (RHSA-2020:3755)	Nessus	Red Hat Local Security Checks	medium
138704	openSUSE Security Update : mariadb (openSUSE-2020-870)	Nessus	SuSE Local Security Checks	medium
138309	SUSE SLES12 Security Update : mariadb-100 (SUSE-SU-2020:1798-1)	Nessus	SuSE Local Security Checks	medium
138287	SUSE SLES15 Security Update : mariadb (SUSE-SU-2020:1711-1)	Nessus	SuSE Local Security Checks	medium
138286	SUSE SLES12 Security Update : mariadb (SUSE-SU-2020:1710-1)	Nessus	SuSE Local Security Checks	medium
138103	MariaDB 10.3.0 < 10.3.23 Multiple Vulnerabilities	Nessus	Databases	medium
138102	MariaDB 10.4.0 < 10.4.13 Multiple Vulnerabilities	Nessus	Databases	medium
138101	MariaDB 10.2.0 < 10.2.32 Multiple Vulnerabilities	Nessus	Databases	medium
138100	MariaDB 5.5.0 < 5.5.68 Multiple Vulnerabilities	Nessus	Databases	medium
138099	MariaDB 10.1.0 < 10.1.45 Multiple Vulnerabilities	Nessus	Databases	medium
137422	Fedora 32 : 3:mariadb / galera / mariadb-connector-c (2020-35f52d9370)	Nessus	Fedora Local Security Checks	medium
136556	Photon OS 1.0: Mysql PHSA-2020-1.0-0292	Nessus	PhotonOS Local Security Checks	medium
136544	Slackware 14.1 / current : mariadb (SSA:2020-133-01)	Nessus	Slackware Local Security Checks	medium
136408	Photon OS 2.0: Mysql PHSA-2020-2.0-0239	Nessus	PhotonOS Local Security Checks	medium
135942	FreeBSD : MySQL Client -- Multiple vulerabilities (622b5c47-855b-11ea-a5e2-d4c9ef517024)	Nessus	FreeBSD Local Security Checks	medium
135872	Photon OS 3.0: Mysql PHSA-2020-3.0-0082	Nessus	PhotonOS Local Security Checks	medium
135699	MySQL 5.6.x < 5.6.48 Multiple Vulnerabilities (Apr 2020 CPU)	Nessus	Databases	medium
130027	MySQL 8.0.x < 8.0.18 Multiple Vulnerabilities (Oct 2019 CPU)	Nessus	Databases	medium
130026	MySQL 5.7.x < 5.7.28 Multiple Vulnerabilities (Oct 2019 CPU)	Nessus	Databases	medium