What is the severity of CVE-2020-2853?

CVE-2020-2853 has a high severity level due to its ability to allow high privileged attackers to exploit the MySQL Server.

How do I fix CVE-2020-2853?

To mitigate CVE-2020-2853, upgrade MySQL Server to version 8.0.19 or later.

Which versions of MySQL are affected by CVE-2020-2853?

CVE-2020-2853 affects MySQL Server versions 8.0.18 and earlier.

Can CVE-2020-2853 be exploited remotely?

Yes, CVE-2020-2853 can be exploited remotely by attackers with network access to the MySQL Server.

What components of MySQL are impacted by CVE-2020-2853?

CVE-2020-2853 impacts the MySQL Server component, specifically related to security and privileges.

Vulnerability/
CVE-2020-2853

medium

4.9

15/4/2020

27/9/2024

CVE-2020-2853

First published: Wed Apr 15 2020(Updated: )

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.18 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
redhat/mysql	<8.0.19	8.0.19
MySQL	>=8.0.0<8.0.19
Red Hat Fedora	=30
Red Hat Fedora	=31
Red Hat Fedora	=32
NetApp Active IQ Unified Manager	>=7.3
NetApp Active IQ Unified Manager for VMware vSphere	>=9.5
NetApp OnCommand Insight
NetApp OnCommand Workflow Automation
NetApp SnapCenter

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is the severity of CVE-2020-2853?
CVE-2020-2853 has a high severity level due to its ability to allow high privileged attackers to exploit the MySQL Server.
How do I fix CVE-2020-2853?
To mitigate CVE-2020-2853, upgrade MySQL Server to version 8.0.19 or later.
Which versions of MySQL are affected by CVE-2020-2853?
CVE-2020-2853 affects MySQL Server versions 8.0.18 and earlier.
Can CVE-2020-2853 be exploited remotely?
Yes, CVE-2020-2853 can be exploited remotely by attackers with network access to the MySQL Server.
What components of MySQL are impacted by CVE-2020-2853?
CVE-2020-2853 impacts the MySQL Server component, specifically related to security and privileges.

agent/type
agent/author
agent/description
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2020-2853
agent/software-canonical-lookup
agent/references
agent/severity
agent/event
agent/first-publish-date
collector/mitre-cve
source/MITRE
agent/last-modified-date
agent/source
agent/softwarecombine
agent/tags
collector/nvd-index
agent/software-canonical-lookup-request
package-manager/redhat
vendor/oracle
canonical/mysql
version/mysql/8.0.0
vendor/fedoraproject
canonical/red hat fedora
version/red hat fedora/30
version/red hat fedora/31
version/red hat fedora/32
vendor/netapp
canonical/netapp active iq unified manager
version/netapp active iq unified manager/7.3
canonical/netapp active iq unified manager for vmware vsphere
version/netapp active iq unified manager for vmware vsphere/9.5
canonical/netapp oncommand insight
canonical/netapp oncommand workflow automation
canonical/netapp snapcenter