CVE-2020-2812

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.6.47 and prior MySQL Server versions 5.7.29 and prior MySQL Server versions 8.0.19 and prior

Description The issue is related to the Server: Stored Procedure component of MySQL Server and is caused by inadequate access control. It allows a high-privileged attacker with network access via multiple protocols to compromise MySQL Server, resulting in the ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Recommendations For versions 5.6.47 and prior, update to a version later than 5.6.47. For versions 5.7.29 and prior, update to a version later than 5.7.29. For versions 8.0.19 and prior, update to a version later than 8.0.19. As a temporary workaround, consider restricting access to the Server: Stored Procedure component to minimize the risk of exploitation.