vulnerability
Oracle MySQL Vulnerability: CVE-2019-2904
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 8 | (AV:N/AC:L/Au:N/C:P/I:P/A:P) | Oct 16, 2019 | May 14, 2021 | May 14, 2021 |
Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
Oct 16, 2019
Added
May 14, 2021
Modified
May 14, 2021
Description
Vulnerability in the Oracle JDeveloper and ADF product of Oracle Fusion Middleware (component: ADF Faces). Supported versions that are affected are 11.1.1.9.0, 12.1.3.0.0 and 12.2.1.3.0. Easily exploitable vulnerability allows unauthenticated attacker with network access via HTTP to compromise Oracle JDeveloper and ADF. Successful attacks of this vulnerability can result in takeover of Oracle JDeveloper and ADF. CVSS 3.0 Base Score 9.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H).
Solution
mysql-upgrade-latest
References
- CVE-2019-2904
- https://attackerkb.com/topics/CVE-2019-2904
- URL-http://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- URL-https://www.oracle.com/security-alerts/cpuapr2020.html
- URL-https://www.oracle.com/security-alerts/cpuapr2021.html
- URL-https://www.oracle.com/security-alerts/cpujan2020.html
- URL-https://www.oracle.com/security-alerts/cpujul2020.html
- URL-https://www.oracle.com/security-alerts/cpuoct2020.html
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.