CVE-2020-14878
CVE-2020-14878
Vexday Risk Score
21Baixo
Decisão SSVC (CISA)
Track
Sem sinal de exploração → monitorar
CVSS 8EPSS 1.2%KEV nãoPoC —Nuclei —Metasploit —Patch referenciado
Ciclo de vida
21 out 2020Publicada no NVD
Recomendação: Monitorar — sem sinal de exploração no momento.
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: LDAP Auth). Supported versions that are affected are 8.0.21 and prior. Easily exploitable vulnerability allows low privileged attacker with access to the physical communication segment attached to the hardware where the MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 8.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H).
CVSS:3.1/AV:A/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
Produtos afetados
Oracle Corporation · MySQL Server