admin/cvelist
1
0
Fork 0
mirror of https://github.com/CVEProject/cvelist.git synced 2025-08-04 08:44:25 +00:00
Code Issues Packages Projects Releases Wiki Activity
cvelist/2020/2xxx/CVE-2020-2934.json
CVE Team 3599c2a54c
"-Synchronized-Data."
2022-01-19 12:01:15 +00:00

112 lines
5.3 KiB
JSON
Raw Blame History

{
"data_type": "CVE",
"data_format": "MITRE",
"data_version": "4.0",
"CVE_data_meta": {
"ASSIGNER": "secalert_us@oracle.com",
"ID": "CVE-2020-2934",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "WebLogic Server",
"version": {
"version_data": [
{
"version_value": "12.1.3.0.0",
"version_affected": "="
},
{
"version_value": "12.2.1.3.0",
"version_affected": "="
},
{
"version_value": "12.2.1.4.0",
"version_affected": "="
},
{
"version_value": "14.1.1.0.0",
"version_affected": "="
}
]
}
}
]
},
"vendor_name": "Oracle Corporation"
}
]
}
},
"description": {
"description_data": [
{
"lang": "eng",
"value": "Vulnerability in the MySQL Connectors product of Oracle MySQL (component: Connector/J). Supported versions that are affected are 8.0.19 and prior and 5.1.48 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors. CVSS 3.0 Base Score 5.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L)."
}
]
},
"impact": {
"cvss": {
"baseScore": "5.0",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:L/I:L/A:L",
"version": "3.0"
}
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connectors."
}
]
}
]
},
"references": {
"reference_data": [
{
"refsource": "MLIST",
"name": "[debian-lts-announce] 20200611 [SECURITY] [DLA 2245-1] mysql-connector-java security update",
"url": "https://lists.debian.org/debian-lts-announce/2020/06/msg00015.html"
},
{
"refsource": "DEBIAN",
"name": "DSA-4703",
"url": "https://www.debian.org/security/2020/dsa-4703"
},
{
"url": "https://www.oracle.com/security-alerts/cpuapr2020.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpuapr2020.html"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-747ec39700",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4QDR2WOUETBT76WAO5NNCCXSAM3AGG3D/"
},
{
"refsource": "FEDORA",
"name": "FEDORA-2020-35995bb2d3",
"url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/MDKQVPFT4Z4SFPBH6YNFMJOXKS2YYKHA/"
},
{
"refsource": "GENTOO",
"name": "GLSA-202105-27",
"url": "https://security.gentoo.org/glsa/202105-27"
},
{
"url": "https://www.oracle.com/security-alerts/cpujan2022.html",
"refsource": "MISC",
"name": "https://www.oracle.com/security-alerts/cpujan2022.html"
}
]
}
}
Reference in New Issue View Git Blame Copy Permalink