SB2019101532 - Multiple vulnerabilities in MySQL Connectors
Published: October 15, 2019
Security Bulletin ID
SB2019101532
Severity
Medium
Patch available
YES
Number of vulnerabilities
2
Exploitation vector
Remote access
Highest impact
Denial of service
Breakdown by Severity
- Low
- Medium
- High
- Critical
Description
This security bulletin contains information about 2 secuirty vulnerabilities.
1) Improper input validation (CVE-ID: CVE-2019-2920)
The vulnerability allows a remote non-authenticated attacker to perform service disruption.
The vulnerability exists due to improper input validation within the Connector/ODBC component in MySQL Connectors. A remote non-authenticated attacker can exploit this vulnerability to perform service disruption.
2) Use of a broken or risky cryptographic algorithm (CVE-ID: CVE-2019-1543)
The vulnerability allows a remote attacker to gain access to encrypted data.
The vulnerability exists due to incorrect implementation of the ChaCha20-Poly1305 cipher. For messages, encrypted with this cipher, a reused nonce value is used that is susceptible to serious confidentiality and integrity attacks. If an application changes the default nonce length to be longer than 12 bytes and then makes a change to the leading bytes of the nonce expecting the new value to be a new unique nonce then such an application could inadvertently encrypt messages with a reused nonce.
This vulnerability does not affect internal usage of the cipher within OpenSSL. However if an application uses this cipher directly and sets a non-default nonce length to be longer than 12 bytes, it may be vulnerable.
Remediation
Install update from vendor's website.