CVE-2019-2435

Name of the Vulnerable Software and Affected Versions MySQL Connectors versions 8.0.13 and prior MySQL Connectors versions 2.1.8 and prior

Description The issue is related to errors in the code of the Connector/Python subcomponent of MySQL Connectors. It allows a remote attacker to gain unauthorized access to protected data using the TLS protocol. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion, or modification access to critical data or all accessible data.

Recommendations For versions 8.0.13 and prior, update to a version later than 8.0.13 to resolve the issue. For versions 2.1.8 and prior, update to a version later than 2.1.8 to resolve the issue. As a temporary workaround, consider restricting access to the TLS protocol until a patch is available.