Oracle MySQL Server Optimizer Vulnerability

By GIXnews

A vulnerability in the Server: Optimizer subcomponent of the MySQL Server component of Oracle MySQL could allow an authenticated, remote attacker with high privileges to cause a denial of service (DoS) condition on a targeted system.

The vulnerability is due to improper input validation that is performed by the affected software. An attacker with network access to the system via multiple protocols could exploit the vulnerability by submitting malicious input to the affected software. A successful exploit could allow the attacker to cause a complete DoS condition on the system.

Oracle confirmed the vulnerability and released software updates.

Security Impact Rating: Medium

CVE: CVE-2019-2681

Source:: Cisco Multivendor Vulnerability Alerts