What is the severity of CVE-2020-2774?

CVE-2020-2774 is considered an easily exploitable vulnerability that allows a high privileged attacker to compromise MySQL Server.

How do I fix CVE-2020-2774?

To fix CVE-2020-2774, upgrade your MySQL Server to version 8.0.19 or later.

Which versions of MySQL are affected by CVE-2020-2774?

CVE-2020-2774 affects MySQL Server versions 8.0.18 and prior.

Can CVE-2020-2774 be exploited remotely?

Yes, CVE-2020-2774 can be exploited remotely by attackers with network access.

What types of attacks can CVE-2020-2774 enable?

CVE-2020-2774 can enable attackers to compromise MySQL Server through various protocols due to privilege escalation.

Vulnerability/
CVE-2020-2774

medium

4.9

15/4/2020

30/9/2024

CVE-2020-2774

First published: Wed Apr 15 2020(Updated: )

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
redhat/mysql	<8.0.19	8.0.19
MySQL	>=8.0.0<=8.0.19
Fedoraproject Fedora	=30
Fedoraproject Fedora	=31
Fedoraproject Fedora	=32
netapp active iq unified manager windows	>=7.3
NetApp Active IQ Unified Manager for VMware vSphere	>=9.5
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
NetApp SnapCenter

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-2774?
CVE-2020-2774 is considered an easily exploitable vulnerability that allows a high privileged attacker to compromise MySQL Server.
How do I fix CVE-2020-2774?
To fix CVE-2020-2774, upgrade your MySQL Server to version 8.0.19 or later.
Which versions of MySQL are affected by CVE-2020-2774?
CVE-2020-2774 affects MySQL Server versions 8.0.18 and prior.
Can CVE-2020-2774 be exploited remotely?
Yes, CVE-2020-2774 can be exploited remotely by attackers with network access.
What types of attacks can CVE-2020-2774 enable?
CVE-2020-2774 can enable attackers to compromise MySQL Server through various protocols due to privilege escalation.

agent/type
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2020-2774
agent/software-canonical-lookup
agent/author
agent/description
agent/severity
agent/references
agent/event
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/tags
agent/softwarecombine
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/oracle
canonical/mysql
version/mysql/8.0.0
version/mysql/8.0.19
vendor/fedoraproject
canonical/fedoraproject fedora
version/fedoraproject fedora/30
version/fedoraproject fedora/31
version/fedoraproject fedora/32
vendor/netapp
canonical/netapp active iq unified manager windows
version/netapp active iq unified manager windows/7.3
canonical/netapp active iq unified manager for vmware vsphere
version/netapp active iq unified manager for vmware vsphere/9.5
canonical/netapp oncommand insight
canonical/netapp oncommand workflow automation
canonical/netapp snapcenter