===========================================================================
                         AUSCERT Security Bulletin

                               ASB-2019.0296
  Multiple vulnerabilities have been identified in Oracle MySQL products
                              16 October 2019

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              Oracle MySQL products
Operating System:     Windows
                      UNIX variants (UNIX, Linux, OSX)
Impact/Access:        Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                      Modify Arbitrary Files          -- Existing Account      
                      Denial of Service               -- Remote/Unauthenticated
                      Access Confidential Data        -- Remote/Unauthenticated
Resolution:           Patch/Upgrade
CVE Names:            CVE-2019-10072 CVE-2019-8457 CVE-2019-5443
                      CVE-2019-3018 CVE-2019-3011 CVE-2019-3009
                      CVE-2019-3004 CVE-2019-3003 CVE-2019-2998
                      CVE-2019-2997 CVE-2019-2993 CVE-2019-2991
                      CVE-2019-2982 CVE-2019-2974 CVE-2019-2969
                      CVE-2019-2968 CVE-2019-2967 CVE-2019-2966
                      CVE-2019-2963 CVE-2019-2960 CVE-2019-2957
                      CVE-2019-2950 CVE-2019-2948 CVE-2019-2946
                      CVE-2019-2938 CVE-2019-2924 CVE-2019-2923
                      CVE-2019-2922 CVE-2019-2920 CVE-2019-2914
                      CVE-2019-2911 CVE-2019-2910 CVE-2019-1549
                      CVE-2019-1543  
Member content until: Friday, November 15 2019
Reference:            ASB-2019.0286
                      ASB-2019.0206
                      ESB-2019.3730
                      ESB-2019.3692.3

OVERVIEW

        Multiple vulnerabilities have been identified in:
         o MySQL Connectors, versions 5.3.13 and prior, 8.0.17 and prior
         o MySQL Enterprise Monitor, versions 8.0.17 and prior
         o MySQL Server, versions 5.6.45 and prior, 5.7.27 and prior, 8.0.17
           and prior
         o MySQL Workbench, versions 8.0.17 and prior [1]


IMPACT

        The vendor has provided the following information regarding the
        vulnerabilities:
        
        "This Critical Patch Update contains 34 new security patches for
        Oracle MySQL. 9 of these vulnerabilities may be remotely exploitable
        without authentication, i.e., may be exploited over a network without
        requiring user credentials." [1]
        
        "CVE-2019-8457
          9.8 AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via MySQL Workbench to compromise MySQL Workbench.
        Successful attacks of this vulnerability can result in takeover of
        MySQL Workbench.
         Affects:
         o MySQL Workbench 8.0.17 and prior
        
        CVE-2019-5443
          7.8 AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        logon to the infrastructure where MySQL Server executes to compromise
        MySQL Server. Successful attacks of this vulnerability can result in
        takeover of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-10072
          7.5 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via HTTP to compromise MySQL Enterprise Monitor.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Enterprise Monitor.
         Affects:
         o MySQL Enterprise Monitor 8.0.17 and prior
        
        CVE-2019-1543
          7.4 AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N
        Difficult to exploit vulnerability allows unauthenticated attacker
        with network access via TLS to compromise MySQL Connectors.
        Successful attacks of this vulnerability can result in unauthorized
        creation, deletion or modification access to critical data or all
        MySQL Connectors accessible data as well as unauthorized access to
        critical data or complete access to all MySQL Connectors accessible
        data.
         Affects:
         o MySQL Connectors 5.3.13 and prior, 8.0.17 and prior
        
        CVE-2019-3011
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2966
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2967
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2974
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior, 8.0.17 and
           prior
        
        CVE-2019-2946
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-3004
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2914
          6.5 AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows low privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-2969
          6.2 AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
        Easily exploitable vulnerability allows unauthenticated attacker with
        logon to the infrastructure where MySQL Server executes to compromise
        MySQL Server. Successful attacks of this vulnerability can result in
        unauthorized access to critical data or complete access to all MySQL
        Server accessible data.
         Affects:
         o MySQL Server 5.6.44 and prior, 5.7.26 and prior, 8.0.16 and
           prior
        
        CVE-2019-2991
          5.5 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server as well as unauthorized update, insert or delete
        access to some of MySQL Server accessible data.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2920
          5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via multiple protocols to compromise MySQL Connectors.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a partial denial of service (partial DOS) of MySQL
        Connectors.
         Affects:
         o MySQL Connectors 5.3.13 and prior, 8.0.17 and prior
        
        CVE-2019-2993
          5.3 AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
        Difficult to exploit vulnerability allows low privileged attacker
        with network access via multiple protocols to compromise MySQL
        Server. Successful attacks of this vulnerability can result in
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-2922
          5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        read access to a subset of MySQL Server accessible data.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior
        
        CVE-2019-2923
          5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        read access to a subset of MySQL Server accessible data.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior
        
        CVE-2019-2924
          5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        read access to a subset of MySQL Server accessible data.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior
        
        CVE-2019-1549
          5.3 AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
        Easily exploitable vulnerability allows unauthenticated attacker with
        network access via MySQL Workbench to compromise MySQL Workbench.
        Successful attacks of this vulnerability can result in unauthorized
        read access to a subset of MySQL Workbench accessible data.
         Affects:
         o MySQL Workbench 8.0.17 and prior
        
        CVE-2019-2963
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2968
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-3003
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.16 and prior
        
        CVE-2019-2997
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2948
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 5.7.26 and prior, 8.0.16 and prior
        
        CVE-2019-2950
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.16 and prior
        
        CVE-2019-2982
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2998
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2960
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-2957
          4.9 AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        ability to cause a hang or frequently repeatable crash (complete DOS)
        of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2938
          4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
        Difficult to exploit vulnerability allows high privileged attacker
        with network access via multiple protocols to compromise MySQL
        Server. Successful attacks of this vulnerability can result in
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of MySQL Server.
         Affects:
         o MySQL Server 5.7.27 and prior, 8.0.17 and prior
        
        CVE-2019-3018
          4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
        Difficult to exploit vulnerability allows high privileged attacker
        with network access via multiple protocols to compromise MySQL
        Server. Successful attacks of this vulnerability can result in
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-3009
          4.4 AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H
        Difficult to exploit vulnerability allows high privileged attacker
        with network access via multiple protocols to compromise MySQL
        Server. Successful attacks of this vulnerability can result in
        unauthorized ability to cause a hang or frequently repeatable crash
        (complete DOS) of MySQL Server.
         Affects:
         o MySQL Server 8.0.17 and prior
        
        CVE-2019-2910
          3.7 AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
        Difficult to exploit vulnerability allows unauthenticated attacker
        with network access via multiple protocols to compromise MySQL
        Server. Successful attacks of this vulnerability can result in
        unauthorized read access to a subset of MySQL Server accessible data.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior
        
        CVE-2019-2911
          2.7 AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N
        Easily exploitable vulnerability allows high privileged attacker with
        network access via multiple protocols to compromise MySQL Server.
        Successful attacks of this vulnerability can result in unauthorized
        read access to a subset of MySQL Server accessible data.
         Affects:
         o MySQL Server 5.6.45 and prior, 5.7.27 and prior, 8.0.17 and
           prior" [2]
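The risk-matrix entries above pair each CVE with a CVSS 3.x base score and vector string. The following is an added example (not part of the AusCERT bulletin or of Oracle's matrices) that parses those vector strings, recomputes the base score with the published CVSS v3.0/v3.1 base-metric tables, and flags the entries that meet Oracle's "remotely exploitable without authentication" criterion (AV:N and PR:N); the BULLETIN list holds one row per distinct score/vector pair copied from the text.

```python
# Added example (not part of the AusCERT bulletin or Oracle's matrices): recompute
# the CVSS 3.x base score of each vector Oracle quotes; tables are CVSS v3.0/v3.1.
import math

AV = {"N": 0.85, "A": 0.62, "L": 0.55, "P": 0.20}
AC = {"L": 0.77, "H": 0.44}
PR = {"U": {"N": 0.85, "L": 0.62, "H": 0.27},   # Privileges Required, keyed by Scope
      "C": {"N": 0.85, "L": 0.68, "H": 0.50}}
UI = {"N": 0.85, "R": 0.62}
CIA = {"H": 0.56, "L": 0.22, "N": 0.0}

def roundup(value):
    """CVSS v3.1 Roundup: smallest one-decimal number >= value, done in integer
    arithmetic so float noise such as 4.0000001 cannot bump a score upward."""
    i = round(value * 100000)
    return i / 100000 if i % 10000 == 0 else (i // 10000 + 1) / 10

def parse_vector(vector):
    """'AV:N/AC:L/...' -> dict of metric -> value; a 'CVSS:3.x/' prefix is ignored."""
    pairs = (p.partition(":") for p in vector.split("/"))
    return {k: v for k, _, v in pairs if k != "CVSS"}

def base_score(vector):
    m = parse_vector(vector)
    iss = 1 - (1 - CIA[m["C"]]) * (1 - CIA[m["I"]]) * (1 - CIA[m["A"]])
    if m["S"] == "C":
        impact = 7.52 * (iss - 0.029) - 3.25 * (iss - 0.02) ** 15
    else:
        impact = 6.42 * iss
    if impact <= 0:
        return 0.0
    expl = 8.22 * AV[m["AV"]] * AC[m["AC"]] * PR[m["S"]][m["PR"]] * UI[m["UI"]]
    total = impact + expl
    if m["S"] == "C":
        total *= 1.08
    return roundup(min(total, 10))

def remote_unauthenticated(vector):
    """Oracle's 'remotely exploitable without authentication' means AV:N and PR:N."""
    m = parse_vector(vector)
    return m["AV"] == "N" and m["PR"] == "N"

# One row per distinct (score, vector) pair in the bulletin, copied from its text.
BULLETIN = [
    ("CVE-2019-8457", 9.8, "AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H"),
    ("CVE-2019-5443", 7.8, "AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H"),
    ("CVE-2019-10072", 7.5, "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"),
    ("CVE-2019-1543", 7.4, "AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:H/A:N"),
    ("CVE-2019-3011", 6.5, "AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H"),
    ("CVE-2019-2969", 6.2, "AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N"),
    ("CVE-2019-2991", 5.5, "AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:H"),
    ("CVE-2019-2920", 5.3, "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L"),
    ("CVE-2019-2993", 5.3, "AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H"),
    ("CVE-2019-2922", 5.3, "AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"),
    ("CVE-2019-2963", 4.9, "AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H"),
    ("CVE-2019-2938", 4.4, "AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:N/A:H"),
    ("CVE-2019-2910", 3.7, "AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N"),
    ("CVE-2019-2911", 2.7, "AV:N/AC:L/PR:H/UI:N/S:U/C:L/I:N/A:N"),
]

def score_mismatches(entries=BULLETIN):
    """Rows whose published score differs from the recomputed one (expected: none)."""
    return [(cve, stated, base_score(vec))
            for cve, stated, vec in entries if base_score(vec) != stated]
```

Run over all 34 entries in the bulletin, remote_unauthenticated() is true for exactly the nine CVEs Oracle counts as remotely exploitable without authentication.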


MITIGATION

        Oracle states:
        
        "Due to the threat posed by a successful attack, Oracle strongly
        recommends that customers apply CPU fixes as soon as possible. Until
        you apply the CPU fixes, it may be possible to reduce the risk of
        successful attack by blocking network protocols required by an
        attack. For attacks that require certain privileges or access to
        certain packages, removing the privileges or the ability to access
        the packages from users that do not need the privileges may help
        reduce the risk of successful attack. Both approaches may break
        application functionality, so Oracle strongly recommends that
        customers test changes on non-production systems. Neither approach
        should be considered a long-term solution as neither corrects the
        underlying problem." [1]


REFERENCES

        [1] Oracle Critical Patch Update Advisory - October 2019
            https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html

        [2] Text Form of Oracle Critical Patch Update - October 2019 Risk
            Matrices
            https://www.oracle.com/technetwork/security-advisory/cpuoct2019verbose-5072833.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours 
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================