Description

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Optimizer). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.1 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Remediation

References

CVE-2020-14654

Related Vulnerabilities

Ruby on Rails Improper Input Validation Vulnerability (CVE-2016-2098)

WordPress Plugin wptf-image-gallery Arbitrary File Download (1.0.3)

WordPress Plugin ProfileGrid-User Profiles, Groups and Communities Privilege Escalation (5.8.9)

Jetty Allocation of Resources Without Limits or Throttling Vulnerability (CVE-2023-26048)

Oracle JRE CVE-2010-0840 Vulnerability (CVE-2010-0840)

Severity

Medium

Classification

CVE-2020-14654 CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Tags

Missing Update Known Vulnerabilities