Cloud Vulnerability DB
A community-led vulnerabilities database
Vulnerability DatabaseCVE-2020-2774
CVE-2020-2774:
MySQL vulnerability analysis and mitigation
Overview
CVE-2020-2774 is a security vulnerability affecting the MySQL Server product, specifically in the Server: Security: Privileges component. The vulnerability was disclosed in April 2020 as part of Oracle's Critical Patch Update (Oracle CPU).
Technical details
The vulnerability affects MySQL Protocol and has been rated with a CVSS score of 4.9 (MEDIUM) with the vector AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H (NetApp Advisory). The vulnerability impacts MySQL Server versions prior to 5.6.47, 5.7.29 and 8.0.19.
Impact
If successfully exploited, this vulnerability could lead to unauthorized access to MySQL Server privileges, potentially resulting in a denial of service condition or unauthorized access to MySQL Server accessible data (Red Hat Advisory).
Mitigation and workarounds
Oracle has released security patches to address this vulnerability. Users should upgrade to MySQL versions 5.6.47 or later, 5.7.29 or later, or 8.0.19 or later. After installing the updates, the MySQL server daemon (mysqld) will need to be restarted (Red Hat Advisory).
Additional resources
Source: This report was generated using AI
Related MySQL vulnerabilities:
Free Vulnerability Assessment
Benchmark your Cloud Security Posture
Evaluate your cloud security practices across 9 security domains to benchmark your risk level and identify gaps in your defenses.
Additional Wiz resources
Get a personalized demo
Ready to see Wiz in action?
"Best User Experience I have ever seen, provides full visibility to cloud workloads."
David EstlickCISO
"Wiz provides a single pane of glass to see what is going on in our cloud environments."
Adam FletcherChief Security Officer
"We know that if Wiz identifies something as critical, it actually is."
Greg PoniatowskiHead of Threat and Vulnerability Management