CVE-2019-2614
Summary
| CVE | CVE-2019-2614 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2019-04-23 19:32:00 UTC |
| Updated | 2023-11-07 03:09:00 UTC |
| Description | Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.6.43 and prior, 5.7.25 and prior and 8.0.15 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.4 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H). |
Risk And Classification
Problem Types: NVD-CWE-noinfo
NVD Known Affected Configurations (CPE 2.3)
| Type | Vendor | Product | Version | Update | Edition | Language |
|---|---|---|---|---|---|---|
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 14.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 16.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.04 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 18.10 | All | All | All |
| Operating System | Canonical | Ubuntu Linux | 19.04 | All | All | All |
| Operating System | Fedoraproject | Fedora | 29 | All | All | All |
| Operating System | Fedoraproject | Fedora | 30 | All | All | All |
| Application | Mariadb | Mariadb | All | All | All | All |
| Operating System | Opensuse | Leap | 15.0 | All | All | All |
| Operating System | Opensuse | Leap | 15.1 | All | All | All |
| Application | Oracle | Mysql | All | All | All | All |
| Application | Oracle | Mysql | All | All | All | All |
| Application | Oracle | Mysql | All | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Desktop | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 8.1 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 8.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 8.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Eus | 8.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 7.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server | 8.0 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 8.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 8.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Aus | 8.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 8.2 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 8.4 | All | All | All |
| Operating System | Redhat | Enterprise Linux Server Tus | 8.6 | All | All | All |
| Operating System | Redhat | Enterprise Linux Workstation | 7.0 | All | All | All |
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| USN-3957-3: MariaDB vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | |
| Oracle Critical Patch Update - April 2019 | MISC | www.oracle.com | Patch, Vendor Advisory |
| [SECURITY] Fedora 30 Update: community-mysql-8.0.17-2.fc30 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| [SECURITY] Fedora 30 Update: community-mysql-8.0.17-2.fc30 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [security-announce] openSUSE-SU-2019:1915-1: important: Security update | SUSE | lists.opensuse.org | |
| [security-announce] openSUSE-SU-2019:1913-1: important: Security update | SUSE | lists.opensuse.org | |
| support.f5.com/csp/article/K52514501 | CONFIRM | support.f5.com | Third Party Advisory |
| USN-4070-3: MariaDB vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | |
| [SECURITY] Fedora 29 Update: community-mysql-8.0.17-2.fc29 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| Red Hat Customer Portal | REDHAT | access.redhat.com | |
| USN-3957-1: MySQL vulnerabilities | Ubuntu security notices | Ubuntu | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| [SECURITY] Fedora 29 Update: community-mysql-8.0.17-2.fc29 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| USN-3957-2: MariaDB vulnerabilities | Ubuntu security notices | UBUNTU | usn.ubuntu.com | Third Party Advisory |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 159650 Oracle Enterprise Linux Security Update for mariadb:10.3 security and bug fix update (ELSA-2019-3708)
- 296081 Oracle Solaris 11.4 Support Repository Update (SRU) 12.5.0 Missing (CPUJUL2019)
- 377107 Alibaba Cloud Linux Security Update for mysql:8.0 (ALINUX3-SA-2022:0107)
- 377320 Alibaba Cloud Linux Security Update for mariadb (ALINUX2-SA-2019:0079)
- 500379 Alpine Linux Security Update for mariadb
- 504137 Alpine Linux Security Update for mariadb
- 940079 AlmaLinux Security Update for mysql:8.0 (ALSA-2019:2511)
- 940341 AlmaLinux Security Update for mariadb:10.3 (ALSA-2019:3708)
- 960793 Rocky Linux Security Update for mysql:8.0 (RLSA-2019:2511)