CVE-2020-14702

Name of the Vulnerable Software and Affected Versions MySQL Server versions 8.0.20 and prior

Description The issue is related to insufficient input validation in the Server: Security: Privileges component of Oracle MySQL Server. This allows a highly privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in the unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Recommendations For MySQL Server versions 8.0.20 and prior, update to a version later than 8.0.20 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation. Additionally, monitor the server for signs of a denial-of-service attack, such as frequent crashes or hangs, and be prepared to take corrective action if necessary.