- Description
- Unspecified vulnerability in the MySQL Connector component 2.1.3 and earlier and 2.0.4 and earlier in Oracle MySQL allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Connector/Python.
- Source
- secalert_us@oracle.com
- NVD status
- Analyzed
CVSS 3.0
- Type
- Primary
- Base score
- 5.6
- Impact score
- 3.4
- Exploitability score
- 2.2
- Vector string
- CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
- Severity
- MEDIUM
CVSS 2.0
- Type
- Primary
- Base score
- 6.8
- Impact score
- 6.4
- Exploitability score
- 8.6
- Vector string
- AV:N/AC:M/Au:N/C:P/I:P/A:P
- nvd@nist.gov
- CWE-284
- Hype score
- Not currently trending
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql_connector\\/python:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "3404E9AE-B3B0-46B6-9E0B-2F7755FA11A9",
"versionEndIncluding": "2.0.4",
"versionStartIncluding": "2.0.0"
}
],
"operator": "OR"
}
]
},
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:a:oracle:mysql_connector\\/python:*:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "39F92CBD-2B47-482A-9579-D38762EB7C9A",
"versionEndIncluding": "2.1.3",
"versionStartIncluding": "2.1.0"
}
],
"operator": "OR"
}
]
}
]