CVE-2020-14697

Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Security: Privileges). Supported versions that are affected are 8.0.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.1 Base Score 7.2 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H).
Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*

Configuration 3 (hide)

OR cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*

History

30 Jun 2022, 21:03

Type Values Removed Values Added
References (GENTOO) https://security.gentoo.org/glsa/202105-27 - (GENTOO) https://security.gentoo.org/glsa/202105-27 - Third Party Advisory
References (UBUNTU) https://usn.ubuntu.com/4441-1/ - (UBUNTU) https://usn.ubuntu.com/4441-1/ - Third Party Advisory
CPE cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:windows:*:*
cpe:2.3:o:canonical:ubuntu_linux:20.04:*:*:*:lts:*:*:*
cpe:2.3:a:netapp:active_iq_unified_manager:-:*:*:*:*:vmware_vsphere:*:*
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

26 May 2021, 12:15

Type Values Removed Values Added
References
  • (GENTOO) https://security.gentoo.org/glsa/202105-27 -

Information

Published : 2020-07-15 18:15

Updated : 2024-02-04 21:00


NVD link : CVE-2020-14697

Mitre link : CVE-2020-14697

CVE.ORG link : CVE-2020-14697


JSON object : View

Products Affected

oracle

  • mysql

netapp

  • oncommand_insight
  • active_iq_unified_manager
  • snapcenter
  • oncommand_workflow_automation

canonical

  • ubuntu_linux