CVE-2019-2911

Vulnerability in the MySQL Server product of Oracle MySQL (component: Information Schema). Supported versions that are affected are 5.6.45 and prior, 5.7.27 and prior and 8.0.17 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 2.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N).

References

Affected packages

Git / github.com/mysql/mysql-server

Affected ranges

Type: GIT
Repo: https://github.com/mysql/mysql-server
Events: Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

817fcb883a8457fcf507156bb1a2052e887acc4c

Introduced

0 Unknown introduced commit / All previous commits are affected

Last affected

895e70b7b8fadb409cd10687e853bfbcdb1a2913

Introduced

270fd3411e3d671a73ed9725940a30080f59ce6d

Last affected

77306a41670543e103f94fa0db77a71d2b9f88b2

Affected versions

mysql-5.*

mysql-5.5.52

mysql-5.5.53

mysql-5.5.54

mysql-5.5.55

mysql-5.5.56

mysql-5.5.57

mysql-5.5.58

mysql-5.5.59

mysql-5.5.60

mysql-5.5.61

mysql-5.5.62

mysql-5.5.63

mysql-5.6.33

mysql-5.6.34

mysql-5.6.35

mysql-5.6.36

mysql-5.6.37

mysql-5.6.38

mysql-5.6.39

mysql-5.6.40

mysql-5.6.41

mysql-5.6.42

mysql-5.6.43

mysql-5.6.45

mysql-5.7.15

mysql-5.7.16

mysql-5.7.17

mysql-5.7.18

mysql-5.7.19

mysql-5.7.20

mysql-5.7.21

mysql-5.7.22

mysql-5.7.24

mysql-5.7.25

mysql-5.7.26

mysql-5.7.27

mysql-8.*

mysql-8.0.0

Database specific

source

"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2019-2911.json"