CVE-2019-2435

Priority
Description
Vulnerability in the MySQL Connectors component of Oracle MySQL
(subcomponent: Connector/Python). Supported versions that are affected are
8.0.13 and prior and 2.1.8 and prior. Easily exploitable vulnerability
allows unauthenticated attacker with network access via TLS to compromise
MySQL Connectors. Successful attacks require human interaction from a
person other than the attacker. Successful attacks of this vulnerability
can result in unauthorized creation, deletion or modification access to
critical data or all MySQL Connectors accessible data as well as
unauthorized access to critical data or complete access to all MySQL
Connectors accessible data. CVSS 3.0 Base Score 8.1 (Confidentiality and
Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:N).
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Trusty/esm:DNE (trusty was needs-triage)
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
Ubuntu 19.10 (Eoan):needs-triage
More Information

Updated: 2019-04-26 14:31:03 UTC (commit 30899e40836d26e1bb5f0b072d31fd87b6cf3bd4)