CVE-2020-14760

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.7.31 and prior

Description The issue is related to insufficient input validation in the Server: Optimizer component of MySQL Server. It allows a high-privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks can result in unauthorized access to update, insert, or delete some of MySQL Server's accessible data, as well as cause a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Recommendations For versions 5.7.31 and prior, update to a version that contains a fix for this issue to prevent exploitation. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation. Additionally, ensure that only authorized and trusted users have high-privileged access to the MySQL Server.