What is the severity of CVE-2019-2482?

The severity of CVE-2019-2482 is medium with a severity value of 6.5.

Which versions of MySQL are affected by CVE-2019-2482?

The affected versions of MySQL are 5.6.42 and prior, 5.7.24 and prior, and 8.0.13 and prior.

How can a low privileged attacker exploit CVE-2019-2482?

A low privileged attacker with network access via multiple protocols can easily exploit CVE-2019-2482.

How can I fix CVE-2019-2482 in MySQL version 5.6.42?

To fix CVE-2019-2482 in MySQL version 5.6.42, you should upgrade to version 5.6.43.

Where can I find more information about CVE-2019-2482?

You can find more information about CVE-2019-2482 on the Oracle and Red Hat websites.

Vulnerability/
CVE-2019-2482

medium

6.5

16/1/2019

16/2/2021

CVE-2019-2482

First published: Wed Jan 16 2019(Updated: )

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: PS). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H).

Credit: secalert_us@oracle.com secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle MySQL	>=5.6.0<=5.6.42
Oracle MySQL	>=5.7.0<=5.7.24
Oracle MySQL	>=8.0.0<=8.0.13
ubuntu/mysql-5.6	<5.6.43	5.6.43
ubuntu/mysql-5.7	<5.7.25-0ubuntu0.18.04.2	5.7.25-0ubuntu0.18.04.2
ubuntu/mysql-5.7	<5.7.25-0ubuntu0.18.10.2	5.7.25-0ubuntu0.18.10.2
ubuntu/mysql-5.7	<5.7.25-1	5.7.25-1
ubuntu/mysql-5.7	<5.7.25	5.7.25
ubuntu/mysql-5.7	<5.7.25-0ubuntu0.16.04.2	5.7.25-0ubuntu0.16.04.2
debian/mysql-5.7
	>=5.6.0<=5.6.42
	>=5.7.0<=5.7.24
	>=8.0.0<=8.0.13
redhat/mysql	<5.6.43	5.6.43
redhat/mysql	<5.7.25	5.7.25
redhat/mysql	<8.0.14	8.0.14

Remedy

http://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

USN-3867-1

Frequently Asked Questions

What is the severity of CVE-2019-2482?
The severity of CVE-2019-2482 is medium with a severity value of 6.5.
Which versions of MySQL are affected by CVE-2019-2482?
The affected versions of MySQL are 5.6.42 and prior, 5.7.24 and prior, and 8.0.13 and prior.
How can a low privileged attacker exploit CVE-2019-2482?
A low privileged attacker with network access via multiple protocols can easily exploit CVE-2019-2482.
How can I fix CVE-2019-2482 in MySQL version 5.6.42?
To fix CVE-2019-2482 in MySQL version 5.6.42, you should upgrade to version 5.6.43.
Where can I find more information about CVE-2019-2482?
You can find more information about CVE-2019-2482 on the Oracle and Red Hat websites.

collector/nvd-index
agent/type
agent/first-publish-date
agent/last-modified-date
collector/launchpad-cve
source/Launchpad
agent/softwarecombine
agent/author
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2019-2482
agent/software-canonical-lookup
agent/severity
agent/references
agent/remedy
collector/nvd-cve
source/NVD
collector/security-tracker-debian
source/Debian
agent/tags
agent/description
agent/event
collector/usn-cve
source/Ubuntu
vendor/oracle
canonical/oracle mysql
version/oracle mysql/5.6.0
version/oracle mysql/5.6.42
version/oracle mysql/5.7.0
version/oracle mysql/5.7.24
version/oracle mysql/8.0.0
version/oracle mysql/8.0.13
package-manager/redhat
package-manager/debian
package-manager/ubuntu