Security Advisories

CVE-2020-14553

Published

Last updated

https://nvd.nist.gov/vuln/detail/CVE-2020-14553

Severity

4.3

Medium

CVSS V3

Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Pluggable Auth). Supported versions that are affected are 5.7.30 and prior and 8.0.20 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data. CVSS 3.1 Base Score 4.3 (Integrity impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

References

https://github.com/advisories/GHSA-gh24-phrx-r279
https://security.gentoo.org/glsa/202105-27
https://security.netapp.com/advisory/ntap-20200717-0004/
https://www.oracle.com/security-alerts/cpujul2020.html
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/CAI7GRYZ5265JVKHC6VXI57MNJDDB63C/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/HYQPCHGCVKFS3H226QQKZFQP56JYOQ3T/
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/SA2XMR2ZY2BPR3VLTDVLNV74JL7TA7KL/
https://usn.ubuntu.com/4441-1/

Affected packages

Advisories are based on vulnerability information provided by Grype from Anchore. Learn how Chainguard creates security advisories.

CVE-2020-14553

Severity

Description

References

Affected packages

Product

Why Chainguard

Customers

Company

Resources