Search

Find a vulnerability

Search criteria

    12 vulnerabilities found for mysql_connector\/j by oracle

    CVE-2023-22102 (GCVE-0-2023-22102)

    Vulnerability from nvd – Published: 2023-10-17 21:03 – Updated: 2025-03-06 16:09
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: * , ≤ 8.1.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:59:29.044Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Oracle Advisory",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2023.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231027-0007/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22102",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-06T15:27:01.818698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-06T16:09:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "8.1.0",
                  "status": "affected",
                  "version": "*",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
                  "lang": "en-US"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-27T14:06:16.222Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "Oracle Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2023.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231027-0007/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2023-22102",
        "datePublished": "2023-10-17T21:03:05.418Z",
        "dateReserved": "2022-12-17T19:26:00.762Z",
        "dateUpdated": "2025-03-06T16:09:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2934 (GCVE-0-2020-2934)

    Vulnerability from nvd – Published: 2020-04-15 13:29 – Updated: 2024-09-27 18:48
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Oracle Corporation WebLogic Server Affected: 12.1.3.0.0
    Affected: 12.2.1.3.0
    Affected: 12.2.1.4.0
    Affected: 14.1.1.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2934",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:00:45.678568Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T18:48:50.734Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WebLogic Server",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.1.3.0.0"
                },
                {
                  "status": "affected",
                  "version": "12.2.1.3.0"
                },
                {
                  "status": "affected",
                  "version": "12.2.1.4.0"
                },
                {
                  "status": "affected",
                  "version": "14.1.1.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-19T11:21:37.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2934",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WebLogic Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "12.1.3.0.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "12.2.1.3.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "12.2.1.4.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "14.1.1.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "5.0",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2934",
        "datePublished": "2020-04-15T13:29:53.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T18:48:50.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2933 (GCVE-0-2020-2933)

    Vulnerability from nvd – Published: 2020-04-15 13:29 – Updated: 2024-09-27 18:48
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.
    Assigner
    References
    URL Tags
    https://www.oracle.com/security-alerts/cpuapr2020.html x_refsource_MISC
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://www.debian.org/security/2020/dsa-4703 vendor-advisoryx_refsource_DEBIAN
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://security.gentoo.org/glsa/202105-27 vendor-advisoryx_refsource_GENTOO
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 5.1.48 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.692Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2933",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:00:47.319725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T18:48:58.711Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1.48 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 2.2,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-26T11:08:20.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2933",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "5.1.48 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "2.2",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2933",
        "datePublished": "2020-04-15T13:29:53.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T18:48:58.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2875 (GCVE-0-2020-2875)

    Vulnerability from nvd – Published: 2020-04-15 13:29 – Updated: 2024-09-27 19:00
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data.
    Assigner
    References
    URL Tags
    https://www.oracle.com/security-alerts/cpuapr2020.html x_refsource_MISC
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://www.debian.org/security/2020/dsa-4703 vendor-advisoryx_refsource_DEBIAN
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://security.gentoo.org/glsa/202105-27 vendor-advisoryx_refsource_GENTOO
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 8.0.14 and prior
    Affected: 5.1.48 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:17:02.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2875",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:02:06.346578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T19:00:11.470Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.14 and prior"
                },
                {
                  "status": "affected",
                  "version": "5.1.48 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-26T11:08:07.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2875",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "8.0.14 and prior"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "5.1.48 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "4.7",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2875",
        "datePublished": "2020-04-15T13:29:50.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T19:00:11.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-2692 (GCVE-0-2019-2692)

    Vulnerability from nvd – Published: 2019-04-23 18:16 – Updated: 2024-10-02 15:57
    VLAI
    Summary
    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 8.0.15 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:56:45.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
              },
              {
                "name": "107925",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107925"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-2692",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T15:55:48.281220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T15:57:52.292Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.15 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-30T18:52:09.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "107925",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107925"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2019-2692",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "8.0.15 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                  "refsource": "MISC",
                  "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
                },
                {
                  "name": "107925",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107925"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190423-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2019-2692",
        "datePublished": "2019-04-23T18:16:44.000Z",
        "dateReserved": "2018-12-14T00:00:00.000Z",
        "dateUpdated": "2024-10-02T15:57:52.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1696 (GCVE-0-2012-1696)

    Vulnerability from nvd – Published: 2012-05-03 22:00 – Updated: 2024-08-06 19:08
    VLAI
    Summary
    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/53372 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-201308-06.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/53071 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1026934 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/48890 third-party-advisoryx_refsource_SECUNIA
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/49179 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    Date Public
    2012-04-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:08:38.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "53372",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/53372"
              },
              {
                "name": "GLSA-201308-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
              },
              {
                "name": "53071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/53071"
              },
              {
                "name": "1026934",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026934"
              },
              {
                "name": "48890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48890"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
              },
              {
                "name": "49179",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49179"
              },
              {
                "name": "MDVSA-2013:150",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-04-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-06T21:57:01.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "53372",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/53372"
            },
            {
              "name": "GLSA-201308-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
            },
            {
              "name": "53071",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/53071"
            },
            {
              "name": "1026934",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026934"
            },
            {
              "name": "48890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48890"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
            },
            {
              "name": "49179",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/49179"
            },
            {
              "name": "MDVSA-2013:150",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2012-1696",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "53372",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/53372"
                },
                {
                  "name": "GLSA-201308-06",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
                },
                {
                  "name": "53071",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/53071"
                },
                {
                  "name": "1026934",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026934"
                },
                {
                  "name": "48890",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48890"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
                },
                {
                  "name": "49179",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/49179"
                },
                {
                  "name": "MDVSA-2013:150",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2012-1696",
        "datePublished": "2012-05-03T22:00:00.000Z",
        "dateReserved": "2012-03-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:08:38.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2023-22102 (GCVE-0-2023-22102)

    Vulnerability from cvelistv5 – Published: 2023-10-17 21:03 – Updated: 2025-03-06 16:09
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.
    • CWE-284 - Improper Access Control
    Assigner
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: * , ≤ 8.1.0 (custom)
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-02T09:59:29.044Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "Oracle Advisory",
                "tags": [
                  "vendor-advisory",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuoct2023.html"
              },
              {
                "tags": [
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20231027-0007/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2023-22102",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2025-03-06T15:27:01.818698Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "problemTypes": [
              {
                "descriptions": [
                  {
                    "cweId": "CWE-284",
                    "description": "CWE-284 Improper Access Control",
                    "lang": "en",
                    "type": "CWE"
                  }
                ]
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2025-03-06T16:09:05.546Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "lessThanOrEqual": "8.1.0",
                  "status": "affected",
                  "version": "*",
                  "versionType": "custom"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en-US",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J).  Supported versions that are affected are 8.1.0 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.1 Base Score 8.3 (Confidentiality, Integrity and Availability impacts).  CVSS Vector: (CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H)."
            }
          ],
          "metrics": [
            {
              "cvssV3_1": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "HIGH",
                "baseScore": 8.3,
                "baseSeverity": "HIGH",
                "confidentialityImpact": "HIGH",
                "integrityImpact": "HIGH",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H",
                "version": "3.1"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products (scope change). Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
                  "lang": "en-US"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2023-10-27T14:06:16.222Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "Oracle Advisory",
              "tags": [
                "vendor-advisory"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuoct2023.html"
            },
            {
              "url": "https://security.netapp.com/advisory/ntap-20231027-0007/"
            }
          ]
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2023-22102",
        "datePublished": "2023-10-17T21:03:05.418Z",
        "dateReserved": "2022-12-17T19:26:00.762Z",
        "dateUpdated": "2025-03-06T16:09:05.546Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2934 (GCVE-0-2020-2934)

    Vulnerability from cvelistv5 – Published: 2020-04-15 13:29 – Updated: 2024-09-27 18:48
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Oracle Corporation WebLogic Server Affected: 12.1.3.0.0
    Affected: 12.2.1.3.0
    Affected: 12.2.1.4.0
    Affected: 14.1.1.0.0
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.276Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              },
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2934",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:00:45.678568Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T18:48:50.734Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "WebLogic Server",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "12.1.3.0.0"
                },
                {
                  "status": "affected",
                  "version": "12.2.1.3.0"
                },
                {
                  "status": "affected",
                  "version": "12.2.1.4.0"
                },
                {
                  "status": "affected",
                  "version": "14.1.1.0.0"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 5,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "UNCHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2022-01-19T11:21:37.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            },
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2934",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "WebLogic Server",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "12.1.3.0.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "12.2.1.3.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "12.2.1.4.0"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "14.1.1.0.0"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "5.0",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                },
                {
                  "name": "https://www.oracle.com/security-alerts/cpujan2022.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpujan2022.html"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2934",
        "datePublished": "2020-04-15T13:29:53.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T18:48:50.734Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2933 (GCVE-0-2020-2933)

    Vulnerability from cvelistv5 – Published: 2020-04-15 13:29 – Updated: 2024-09-27 18:48
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.
    Assigner
    References
    URL Tags
    https://www.oracle.com/security-alerts/cpuapr2020.html x_refsource_MISC
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://www.debian.org/security/2020/dsa-4703 vendor-advisoryx_refsource_DEBIAN
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://security.gentoo.org/glsa/202105-27 vendor-advisoryx_refsource_GENTOO
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 5.1.48 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:24:00.692Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2933",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:00:47.319725Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T18:48:58.711Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "5.1.48 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "LOW",
                "baseScore": 2.2,
                "baseSeverity": "LOW",
                "confidentialityImpact": "NONE",
                "integrityImpact": "NONE",
                "privilegesRequired": "HIGH",
                "scope": "UNCHANGED",
                "userInteraction": "NONE",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-26T11:08:20.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2933",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "5.1.48 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 5.1.48 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 2.2 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "2.2",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:L",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2933",
        "datePublished": "2020-04-15T13:29:53.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T18:48:58.711Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2020-2875 (GCVE-0-2020-2875)

    Vulnerability from cvelistv5 – Published: 2020-04-15 13:29 – Updated: 2024-09-27 19:00
    VLAI
    Summary
    Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N).
    SSVC
    Exploitation: none Automatable: no Technical Impact: partial
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data.
    Assigner
    References
    URL Tags
    https://www.oracle.com/security-alerts/cpuapr2020.html x_refsource_MISC
    https://lists.debian.org/debian-lts-announce/2020… mailing-listx_refsource_MLIST
    https://www.debian.org/security/2020/dsa-4703 vendor-advisoryx_refsource_DEBIAN
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://lists.fedoraproject.org/archives/list/pac… vendor-advisoryx_refsource_FEDORA
    https://security.gentoo.org/glsa/202105-27 vendor-advisoryx_refsource_GENTOO
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 8.0.14 and prior
    Affected: 5.1.48 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T07:17:02.881Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
              },
              {
                "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                "tags": [
                  "mailing-list",
                  "x_refsource_MLIST",
                  "x_transferred"
                ],
                "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
              },
              {
                "name": "DSA-4703",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_DEBIAN",
                  "x_transferred"
                ],
                "url": "https://www.debian.org/security/2020/dsa-4703"
              },
              {
                "name": "FEDORA-2020-747ec39700",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
              },
              {
                "name": "FEDORA-2020-35995bb2d3",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_FEDORA",
                  "x_transferred"
                ],
                "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
              },
              {
                "name": "GLSA-202105-27",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "https://security.gentoo.org/glsa/202105-27"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2020-2875",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "partial"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-09-27T18:02:06.346578Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-09-27T19:00:11.470Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.14 and prior"
                },
                {
                  "status": "affected",
                  "version": "5.1.48 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)."
            }
          ],
          "metrics": [
            {
              "cvssV3_0": {
                "attackComplexity": "HIGH",
                "attackVector": "NETWORK",
                "availabilityImpact": "NONE",
                "baseScore": 4.7,
                "baseSeverity": "MEDIUM",
                "confidentialityImpact": "LOW",
                "integrityImpact": "LOW",
                "privilegesRequired": "NONE",
                "scope": "CHANGED",
                "userInteraction": "REQUIRED",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2021-05-26T11:08:07.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
            },
            {
              "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
              "tags": [
                "mailing-list",
                "x_refsource_MLIST"
              ],
              "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
            },
            {
              "name": "DSA-4703",
              "tags": [
                "vendor-advisory",
                "x_refsource_DEBIAN"
              ],
              "url": "https://www.debian.org/security/2020/dsa-4703"
            },
            {
              "name": "FEDORA-2020-747ec39700",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
            },
            {
              "name": "FEDORA-2020-35995bb2d3",
              "tags": [
                "vendor-advisory",
                "x_refsource_FEDORA"
              ],
              "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
            },
            {
              "name": "GLSA-202105-27",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "https://security.gentoo.org/glsa/202105-27"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2020-2875",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "8.0.14 and prior"
                              },
                              {
                                "version_affected": "=",
                                "version_value": "5.1.48 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.14 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 4.7 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N)."
                }
              ]
            },
            "impact": {
              "cvss": {
                "baseScore": "4.7",
                "vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:C/C:L/I:L/A:N",
                "version": "3.0"
              }
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in  unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as  unauthorized read access to a subset of MySQL Connectors accessible data."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "https://www.oracle.com/security-alerts/cpuapr2020.html",
                  "refsource": "MISC",
                  "url": "https://www.oracle.com/security-alerts/cpuapr2020.html"
                },
                {
                  "name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
                  "refsource": "MLIST",
                  "url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
                },
                {
                  "name": "DSA-4703",
                  "refsource": "DEBIAN",
                  "url": "https://www.debian.org/security/2020/dsa-4703"
                },
                {
                  "name": "FEDORA-2020-747ec39700",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
                },
                {
                  "name": "FEDORA-2020-35995bb2d3",
                  "refsource": "FEDORA",
                  "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
                },
                {
                  "name": "GLSA-202105-27",
                  "refsource": "GENTOO",
                  "url": "https://security.gentoo.org/glsa/202105-27"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2020-2875",
        "datePublished": "2020-04-15T13:29:50.000Z",
        "dateReserved": "2019-12-10T00:00:00.000Z",
        "dateUpdated": "2024-09-27T19:00:11.470Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2019-2692 (GCVE-0-2019-2692)

    Vulnerability from cvelistv5 – Published: 2019-04-23 18:16 – Updated: 2024-10-02 15:57
    VLAI
    Summary
    Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H).
    Severity
    No CVSS data available.
    SSVC
    Exploitation: none Automatable: no Technical Impact: total
    CISA Coordinator (v2.0.3)
    CWE
    • Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.
    Assigner
    References
    Impacted products
    Vendor Product Version
    Oracle Corporation MySQL Connectors Affected: 8.0.15 and prior
    Create a notification for this product.
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-04T18:56:45.636Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "tags": [
                  "x_refsource_MISC",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
              },
              {
                "name": "107925",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/107925"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
              }
            ],
            "title": "CVE Program Container"
          },
          {
            "metrics": [
              {
                "other": {
                  "content": {
                    "id": "CVE-2019-2692",
                    "options": [
                      {
                        "Exploitation": "none"
                      },
                      {
                        "Automatable": "no"
                      },
                      {
                        "Technical Impact": "total"
                      }
                    ],
                    "role": "CISA Coordinator",
                    "timestamp": "2024-10-02T15:55:48.281220Z",
                    "version": "2.0.3"
                  },
                  "type": "ssvc"
                }
              }
            ],
            "providerMetadata": {
              "dateUpdated": "2024-10-02T15:57:52.292Z",
              "orgId": "134c704f-9b21-4f2e-91b3-4a467353bcc0",
              "shortName": "CISA-ADP"
            },
            "title": "CISA ADP Vulnrichment"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "MySQL Connectors",
              "vendor": "Oracle Corporation",
              "versions": [
                {
                  "status": "affected",
                  "version": "8.0.15 and prior"
                }
              ]
            }
          ],
          "descriptions": [
            {
              "lang": "en",
              "value": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors.",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2019-09-30T18:52:09.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "tags": [
                "x_refsource_MISC"
              ],
              "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
            },
            {
              "name": "107925",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/107925"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2019-2692",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "MySQL Connectors",
                          "version": {
                            "version_data": [
                              {
                                "version_affected": "=",
                                "version_value": "8.0.15 and prior"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "Oracle Corporation"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 6.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H)."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors.  Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Connectors."
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html",
                  "refsource": "MISC",
                  "url": "http://www.oracle.com/technetwork/security-advisory/cpuapr2019-5072813.html"
                },
                {
                  "name": "107925",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/107925"
                },
                {
                  "name": "https://security.netapp.com/advisory/ntap-20190423-0002/",
                  "refsource": "CONFIRM",
                  "url": "https://security.netapp.com/advisory/ntap-20190423-0002/"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2019-2692",
        "datePublished": "2019-04-23T18:16:44.000Z",
        "dateReserved": "2018-12-14T00:00:00.000Z",
        "dateUpdated": "2024-10-02T15:57:52.292Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }

    CVE-2012-1696 (GCVE-0-2012-1696)

    Vulnerability from cvelistv5 – Published: 2012-05-03 22:00 – Updated: 2024-08-06 19:08
    VLAI
    Summary
    Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer.
    Severity
    No CVSS data available.
    CWE
    • n/a
    Assigner
    References
    URL Tags
    http://secunia.com/advisories/53372 third-party-advisoryx_refsource_SECUNIA
    http://security.gentoo.org/glsa/glsa-201308-06.xml vendor-advisoryx_refsource_GENTOO
    http://www.securityfocus.com/bid/53071 vdb-entryx_refsource_BID
    http://www.securitytracker.com/id?1026934 vdb-entryx_refsource_SECTRACK
    http://secunia.com/advisories/48890 third-party-advisoryx_refsource_SECUNIA
    http://www.oracle.com/technetwork/topics/security… x_refsource_CONFIRM
    http://secunia.com/advisories/49179 third-party-advisoryx_refsource_SECUNIA
    http://www.mandriva.com/security/advisories?name=… vendor-advisoryx_refsource_MANDRIVA
    Date Public
    2012-04-17 00:00
    Show details on NVD website

    {
      "containers": {
        "adp": [
          {
            "providerMetadata": {
              "dateUpdated": "2024-08-06T19:08:38.184Z",
              "orgId": "af854a3a-2127-422b-91ae-364da2661108",
              "shortName": "CVE"
            },
            "references": [
              {
                "name": "53372",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/53372"
              },
              {
                "name": "GLSA-201308-06",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_GENTOO",
                  "x_transferred"
                ],
                "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
              },
              {
                "name": "53071",
                "tags": [
                  "vdb-entry",
                  "x_refsource_BID",
                  "x_transferred"
                ],
                "url": "http://www.securityfocus.com/bid/53071"
              },
              {
                "name": "1026934",
                "tags": [
                  "vdb-entry",
                  "x_refsource_SECTRACK",
                  "x_transferred"
                ],
                "url": "http://www.securitytracker.com/id?1026934"
              },
              {
                "name": "48890",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/48890"
              },
              {
                "tags": [
                  "x_refsource_CONFIRM",
                  "x_transferred"
                ],
                "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
              },
              {
                "name": "49179",
                "tags": [
                  "third-party-advisory",
                  "x_refsource_SECUNIA",
                  "x_transferred"
                ],
                "url": "http://secunia.com/advisories/49179"
              },
              {
                "name": "MDVSA-2013:150",
                "tags": [
                  "vendor-advisory",
                  "x_refsource_MANDRIVA",
                  "x_transferred"
                ],
                "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
              }
            ],
            "title": "CVE Program Container"
          }
        ],
        "cna": {
          "affected": [
            {
              "product": "n/a",
              "vendor": "n/a",
              "versions": [
                {
                  "status": "affected",
                  "version": "n/a"
                }
              ]
            }
          ],
          "datePublic": "2012-04-17T00:00:00.000Z",
          "descriptions": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
            }
          ],
          "problemTypes": [
            {
              "descriptions": [
                {
                  "description": "n/a",
                  "lang": "en",
                  "type": "text"
                }
              ]
            }
          ],
          "providerMetadata": {
            "dateUpdated": "2017-12-06T21:57:01.000Z",
            "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
            "shortName": "oracle"
          },
          "references": [
            {
              "name": "53372",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/53372"
            },
            {
              "name": "GLSA-201308-06",
              "tags": [
                "vendor-advisory",
                "x_refsource_GENTOO"
              ],
              "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
            },
            {
              "name": "53071",
              "tags": [
                "vdb-entry",
                "x_refsource_BID"
              ],
              "url": "http://www.securityfocus.com/bid/53071"
            },
            {
              "name": "1026934",
              "tags": [
                "vdb-entry",
                "x_refsource_SECTRACK"
              ],
              "url": "http://www.securitytracker.com/id?1026934"
            },
            {
              "name": "48890",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/48890"
            },
            {
              "tags": [
                "x_refsource_CONFIRM"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
            },
            {
              "name": "49179",
              "tags": [
                "third-party-advisory",
                "x_refsource_SECUNIA"
              ],
              "url": "http://secunia.com/advisories/49179"
            },
            {
              "name": "MDVSA-2013:150",
              "tags": [
                "vendor-advisory",
                "x_refsource_MANDRIVA"
              ],
              "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
            }
          ],
          "x_legacyV4Record": {
            "CVE_data_meta": {
              "ASSIGNER": "secalert_us@oracle.com",
              "ID": "CVE-2012-1696",
              "STATE": "PUBLIC"
            },
            "affects": {
              "vendor": {
                "vendor_data": [
                  {
                    "product": {
                      "product_data": [
                        {
                          "product_name": "n/a",
                          "version": {
                            "version_data": [
                              {
                                "version_value": "n/a"
                              }
                            ]
                          }
                        }
                      ]
                    },
                    "vendor_name": "n/a"
                  }
                ]
              }
            },
            "data_format": "MITRE",
            "data_type": "CVE",
            "data_version": "4.0",
            "description": {
              "description_data": [
                {
                  "lang": "eng",
                  "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.19 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server Optimizer."
                }
              ]
            },
            "problemtype": {
              "problemtype_data": [
                {
                  "description": [
                    {
                      "lang": "eng",
                      "value": "n/a"
                    }
                  ]
                }
              ]
            },
            "references": {
              "reference_data": [
                {
                  "name": "53372",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/53372"
                },
                {
                  "name": "GLSA-201308-06",
                  "refsource": "GENTOO",
                  "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"
                },
                {
                  "name": "53071",
                  "refsource": "BID",
                  "url": "http://www.securityfocus.com/bid/53071"
                },
                {
                  "name": "1026934",
                  "refsource": "SECTRACK",
                  "url": "http://www.securitytracker.com/id?1026934"
                },
                {
                  "name": "48890",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/48890"
                },
                {
                  "name": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html",
                  "refsource": "CONFIRM",
                  "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html"
                },
                {
                  "name": "49179",
                  "refsource": "SECUNIA",
                  "url": "http://secunia.com/advisories/49179"
                },
                {
                  "name": "MDVSA-2013:150",
                  "refsource": "MANDRIVA",
                  "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2013:150"
                }
              ]
            }
          }
        }
      },
      "cveMetadata": {
        "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "assignerShortName": "oracle",
        "cveId": "CVE-2012-1696",
        "datePublished": "2012-05-03T22:00:00.000Z",
        "dateReserved": "2012-03-16T00:00:00.000Z",
        "dateUpdated": "2024-08-06T19:08:38.184Z",
        "state": "PUBLISHED"
      },
      "dataType": "CVE_RECORD",
      "dataVersion": "5.1"
    }