CVE-2019-2969

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.6.44 and prior MySQL Server versions 5.7.26 and prior MySQL Server versions 8.0.16 and prior

Description The vulnerability in the MySQL Server product is related to the lack of protection of service data in the Client programs component. This easily exploitable issue allows an unauthenticated attacker with logon to the infrastructure where MySQL Server is executed to compromise MySQL Server, potentially resulting in unauthorized access to critical data or complete access to all MySQL Server accessible data. Successful attacks can also cause a hang or frequently repeatable crash of MySQL Server.

Recommendations For MySQL Server versions 5.6.44 and prior, update to a version later than 5.6.44 to resolve the issue. For MySQL Server versions 5.7.26 and prior, update to a version later than 5.7.26 to resolve the issue. For MySQL Server versions 8.0.16 and prior, update to a version later than 8.0.16 to resolve the issue. As a temporary workaround, consider restricting access to the Client programs component to minimize the risk of exploitation.