CVE-2020-14853

Name of the Vulnerable Software and Affected Versions: MySQL Cluster versions 8.0.21 and prior

Description: The issue is related to insufficient input validation in the Cluster: NDBCluster Plugin component of the MySQL Cluster product. It allows a low-privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized update, insert, or delete access to some of MySQL Cluster's accessible data, as well as the ability to cause a partial denial of service (partial DOS) of MySQL Cluster.

Recommendations: For versions 8.0.21 and prior, update to a version that contains a fix for this issue. At the moment, there is no information about a newer version that contains a fix for this vulnerability.