CVE-2020-2875

Name of the Vulnerable Software and Affected Versions MySQL Connectors versions 8.0.14 and prior MySQL Connectors versions 5.1.48 and prior

Description The issue is related to insufficient access control in the Connector/J component of MySQL Connectors, allowing an unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and may significantly impact additional products. This can result in unauthorized update, insert, or delete access to some of MySQL Connectors' accessible data, as well as unauthorized read access to a subset of MySQL Connectors' accessible data.

Recommendations For versions 8.0.14 and prior, update to a version later than 8.0.14 to resolve the issue. For versions 5.1.48 and prior, update to a version later than 5.1.48 to resolve the issue. As a temporary workaround, consider restricting access to the Connector/J component until a patch is available.