CVE-2020-2574

Vulnerability in the MySQL Client product of Oracle MySQL (component: C API). Supported versions that are affected are 5.6.46 and prior, 5.7.28 and prior and 8.0.18 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client. CVSS 3.0 Base Score 5.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H).
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

Configuration 4 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*

Configuration 5 (hide)

cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*

History

04 Aug 2022, 19:55

Type Values Removed Values Added
First Time Mariadb
Opensuse leap
Mariadb mariadb
Opensuse
Canonical
Canonical ubuntu Linux
Netapp
Netapp snapcenter
Netapp oncommand Workflow Automation
Netapp oncommand Insight
Netapp active Iq Unified Manager
CPE cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:opensuse:leap:15.1:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:linux:*:*
cpe:2.3:o:canonical:ubuntu_linux:19.10:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
References (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html - (SUSE) http://lists.opensuse.org/opensuse-security-announce/2020-03/msg00007.html - Mailing List, Third Party Advisory
References (MLIST) http://www.openwall.com/lists/oss-security/2020/09/29/1 - (MLIST) http://www.openwall.com/lists/oss-security/2020/09/29/1 - Mailing List, Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4250-2/ - (UBUNTU) https://usn.ubuntu.com/4250-2/ - Third Party Advisory
References (GENTOO) https://security.gentoo.org/glsa/202105-27 - (GENTOO) https://security.gentoo.org/glsa/202105-27 - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4250-1/ - (UBUNTU) https://usn.ubuntu.com/4250-1/ - Third Party Advisory
References (CONFIRM) https://security.netapp.com/advisory/ntap-20200122-0002/ - (CONFIRM) https://security.netapp.com/advisory/ntap-20200122-0002/ - Third Party Advisory

26 May 2021, 12:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202105-27 -

Information

Published : 2020-01-15 17:15

Updated : 2023-12-10 13:13


NVD link : CVE-2020-2574

Mitre link : CVE-2020-2574

CVE.ORG link : CVE-2020-2574


JSON object : View

Products Affected

netapp

  • oncommand_workflow_automation
  • snapcenter
  • oncommand_insight
  • active_iq_unified_manager

mariadb

  • mariadb

opensuse

  • leap

oracle

  • mysql

canonical

  • ubuntu_linux