Lucene search

[email protected]CVE-2002-1923

HistoryOct 03, 2022 - 4:23 p.m.

CVE-2002-1923

2022-10-0316:23:47

[email protected]

web.nvd.nist.gov

mysql

windows

vulnerability

logging

remote attack

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.7%

JSON

The default configuration in MySQL 3.20.32 through 3.23.52, when running on Windows, does not have logging enabled, which could allow remote attackers to conduct activities without detection.

Affected configurations

NVD

Node

oraclemysqlMatch3.20.32a

oraclemysqlMatch3.22.26

oraclemysqlMatch3.22.27

oraclemysqlMatch3.22.28

oraclemysqlMatch3.22.29

oraclemysqlMatch3.22.30

oraclemysqlMatch3.22.32

oraclemysqlMatch3.23.2

oraclemysqlMatch3.23.3

oraclemysqlMatch3.23.4

oraclemysqlMatch3.23.5

oraclemysqlMatch3.23.8

oraclemysqlMatch3.23.9

oraclemysqlMatch3.23.10

oraclemysqlMatch3.23.23

oraclemysqlMatch3.23.24

oraclemysqlMatch3.23.25

oraclemysqlMatch3.23.26

oraclemysqlMatch3.23.27

oraclemysqlMatch3.23.28

oraclemysqlMatch3.23.28gamma

oraclemysqlMatch3.23.29

oraclemysqlMatch3.23.30

oraclemysqlMatch3.23.31

oraclemysqlMatch3.23.34

oraclemysqlMatch3.23.36

oraclemysqlMatch3.23.37

oraclemysqlMatch3.23.38

oraclemysqlMatch3.23.39

oraclemysqlMatch3.23.40

oraclemysqlMatch3.23.41

oraclemysqlMatch3.23.42

oraclemysqlMatch3.23.43

oraclemysqlMatch3.23.44

oraclemysqlMatch3.23.45

oraclemysqlMatch3.23.46

oraclemysqlMatch3.23.47

oraclemysqlMatch3.23.48

oraclemysqlMatch3.23.49

oraclemysqlMatch3.23.50

oraclemysqlMatch3.23.51

oraclemysqlMatch3.23.52

CPENameOperatorVersion
oracle:mysqloracle mysqleq3.20.32a
oracle:mysqloracle mysqleq3.22.26
oracle:mysqloracle mysqleq3.22.27
oracle:mysqloracle mysqleq3.22.28
oracle:mysqloracle mysqleq3.22.29
oracle:mysqloracle mysqleq3.22.30
oracle:mysqloracle mysqleq3.22.32
oracle:mysqloracle mysqleq3.23.2
oracle:mysqloracle mysqleq3.23.3
oracle:mysqloracle mysqleq3.23.4

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	eq	3.20.32a
oracle:mysql	oracle mysql	eq	3.22.26
oracle:mysql	oracle mysql	eq	3.22.27
oracle:mysql	oracle mysql	eq	3.22.28
oracle:mysql	oracle mysql	eq	3.22.29
oracle:mysql	oracle mysql	eq	3.22.30
oracle:mysql	oracle mysql	eq	3.22.32
oracle:mysql	oracle mysql	eq	3.23.2
oracle:mysql	oracle mysql	eq	3.23.3
oracle:mysql	oracle mysql	eq	3.23.4

Rows per page:

1-10 of 411

References

online.securityfocus.com/archive/1/288105

www.iss.net/security_center/static/9909.php

www.securityfocus.com/bid/5513

7.5 High

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

6.7 Medium

AI Score

Confidence

Low

0.005 Low

EPSS

Percentile

76.7%

JSON

Related for CVE-2002-1923

nvd1 cvelist1 nessus1