This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.MYSQL_5_7_29.NASLMySQL 5.7.x < 5.7.29 Multiple Vulnerabilities (Jan 2020 CPU)
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.098 Low
EPSS
Percentile
94.8%
The version of MySQL running on the remote host is 5.7.x prior to 5.7.29. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2020 Critical Patch Update advisory:
-
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling (cURL)). Supported versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server (CVE-2019-5482).
-
Unspecified vulnerability in the optimizer component of Oracle MySQL Server. An authenticated, remote attacker could exploit this issue, to compromise the availability of the application (CVE-2020-2579).
-
Unspecified vulnerabilities in the InnoDB component of Oracle MySQL Server. An authenticated, remote attacker could exploit these issues, to compromise the availability of the application (CVE-2020-2577, CVE-2020-2589).
Note that Nessus has not tested for these issues but has instead relied only on the application’s self-reported version number.
#
# (C) Tenable Network Security, Inc.
#
#
# (C) Tenable Network Security, Inc.
#
include('compat.inc');
if (description)
{
script_id(132957);
script_version("1.10");
script_set_attribute(attribute:"plugin_modification_date", value:"2022/10/21");
script_cve_id(
"CVE-2019-5482",
"CVE-2020-2570",
"CVE-2020-2572",
"CVE-2020-2573",
"CVE-2020-2574",
"CVE-2020-2577",
"CVE-2020-2579",
"CVE-2020-2584",
"CVE-2020-2589",
"CVE-2020-2660",
"CVE-2020-2790",
"CVE-2020-2806",
"CVE-2020-2814"
);
script_xref(name:"IAVA", value:"2020-A-0143-S");
script_name(english:"MySQL 5.7.x < 5.7.29 Multiple Vulnerabilities (Jan 2020 CPU)");
script_set_attribute(attribute:"synopsis", value:
"The remote database server is affected by multiple vulnerabilities.");
script_set_attribute(attribute:"description", value:
"The version of MySQL running on the remote host is 5.7.x prior to 5.7.29. It is, therefore, affected by multiple
vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2020 Critical Patch Update
advisory:
- Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Compiling (cURL)). Supported
versions that are affected are 5.7.28 and prior and 8.0.18 and prior. Easily exploitable vulnerability allows
unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful
attacks of this vulnerability can result in takeover of MySQL Server (CVE-2019-5482).
- Unspecified vulnerability in the optimizer component of Oracle MySQL Server. An authenticated, remote attacker
could exploit this issue, to compromise the availability of the application (CVE-2020-2579).
- Unspecified vulnerabilities in the InnoDB component of Oracle MySQL Server. An authenticated, remote attacker
could exploit these issues, to compromise the availability of the application (CVE-2020-2577, CVE-2020-2589).
Note that Nessus has not tested for these issues but has instead relied only on the application's self-reported version
number.");
# https://dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-29.html
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?3cccf6b9");
# https://www.oracle.com/security-alerts/cpujan2020.html#AppendixMSQL
script_set_attribute(attribute:"see_also", value:"http://www.nessus.org/u?af742c14");
script_set_attribute(attribute:"solution", value:
"Upgrade to MySQL version 5.7.29 or later.");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:U/RL:O/RC:C");
script_set_attribute(attribute:"cvss_score_source", value:"CVE-2019-5482");
script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
script_set_attribute(attribute:"vuln_publication_date", value:"2020/01/14");
script_set_attribute(attribute:"patch_publication_date", value:"2020/01/14");
script_set_attribute(attribute:"plugin_publication_date", value:"2020/01/16");
script_set_attribute(attribute:"agent", value:"all");
script_set_attribute(attribute:"plugin_type", value:"combined");
script_set_attribute(attribute:"cpe", value:"cpe:/a:oracle:mysql");
script_set_attribute(attribute:"stig_severity", value:"I");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_family(english:"Databases");
script_copyright(english:"This script is Copyright (C) 2020-2022 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_dependencies(
"mysql_version.nasl",
"mysql_login.nasl",
"mysql_version_local.nasl",
"mysql_win_installed.nbin",
"macosx_mysql_installed.nbin"
);
script_require_keys("installed_sw/MySQL Server");;
exit(0);
}
include('vcf_extras_mysql.inc');
var app_info = vcf::mysql::combined_get_app_info();
var constraints = [{ 'min_version' : '5.7.0', 'fixed_version' : '5.7.29'}];
vcf::check_version_and_report(app_info:app_info, constraints:constraints, severity:SECURITY_HOLE);References
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-5482
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2570
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2572
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2573
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2574
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2577
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2579
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2584
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2589
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2660
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2790
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2806
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-2814
www.nessus.org/u?3cccf6b9
www.nessus.org/u?af742c14
Related
7.5 High
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
0.098 Low
EPSS
Percentile
94.8%