CVE-2019-2692

Name of the Vulnerable Software and Affected Versions Oracle MySQL Connector/J versions prior to 8.0.15 Oracle MySQL Connector/J version 8.0.15

Description The issue is related to inadequate access control in the Connector/J subcomponent of Oracle MySQL Connectors, allowing a highly privileged attacker with logon access to the infrastructure where MySQL Connectors executes to potentially compromise MySQL Connectors. The exploitation of this issue is difficult and requires human interaction from a person other than the attacker. Successful attacks can result in the takeover of MySQL Connectors.

Recommendations For Oracle MySQL Connector/J versions prior to 8.0.15, update to a version later than 8.0.15 to resolve the issue. For Oracle MySQL Connector/J version 8.0.15, update to a version later than 8.0.15 to resolve the issue. As a temporary workaround, consider restricting access to the Connector/J subcomponent until a patch is available.