Unauthenticated Vulnerability in MySQL Connectors by Oracle
CVE-2019-2435
8.1HIGH
Summary
An unauthenticated vulnerability exists within the MySQL Connectors component of Oracle MySQL, specifically in the Connector/Python subcomponent. This flaw affects versions 8.0.13 and prior as well as 2.1.8 and prior. Exploitation of this vulnerability permits an attacker with network access via TLS to potentially compromise the MySQL Connectors, requiring human interaction from an individual who is not the attacker. Successful exploitation may lead to unauthorized creation, deletion, or modification of critical data, breaching confidentiality and integrity across all accessible MySQL Connectors data.
Affected Version(s)
MySQL Connectors 8.0.13 and prior
MySQL Connectors 2.1.8 and prior
References
CVSS V3.1
Score:
8.1
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved