Password Leakage Vulnerability in MySQL GUI Tools by Oracle
CVE-2010-4178

5.5MEDIUM

Key Information:

Vendor: Mysql-gui-tools
Status: Mysql-gui-tools
Vendor: CVE Published:; 6 November 2019

What is CVE-2010-4178?

MySQL GUI Tools, specifically the mysql-administrator, is vulnerable to a password leakage issue that occurs when launching the MySQL text console. This flaw can lead to the exposure of sensitive passwords, as they are unintentionally listed in the process list. This vulnerability poses a significant risk to data integrity and confidentiality, allowing potential unauthorized access to critical information. It is essential for users of MySQL GUI Tools to review their security practices and consider applying necessary patches or updates to mitigate this risk.

Affected Version(s)

MySQL-GUI-tools through 2010-11-19

References

https://security-tracker.debian.org/tracker/CVE-2010-4178

x_refsource_MISC

https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2010-4178

x_refsource_MISC

https://access.redhat.com/security/cve/cve-2010-4178

x_refsource_MISC

CVSS V3.1

Score:

5.5

Severity:

MEDIUM

Confidentiality:

High

Integrity:

None

Availability:

High

Attack Vector:

Local

Attack Complexity:

Low

Privileges Required:

Low

User Interaction:

None

Scope:

Unchanged

Timeline

Vulnerability published
Nov 6, 2019
Vulnerability Reserved
Nov 4, 2010

Mysql-gui-tools

What is CVE-2010-4178?

Affected Version(s)

References

CVSS V3.1

Timeline