SB2020041901 - Multiple vulnerabilities in MySQL Workbench

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2020041901

SB2020041901 - Multiple vulnerabilities in MySQL Workbench

Published: April 19, 2020

Security Bulletin ID SB2020041901
Severity
Medium
Patch available
YES
Number of vulnerabilities 3
Exploitation vector Remote access
Highest impact Code execution

Breakdown by Severity

Medium 100%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 3 secuirty vulnerabilities.


1) Input validation error (CVE-ID: CVE-2019-15601)

The vulnerability allows a remote attacker to gain access to sensitive information.

The vulnerability exists due to insufficient validation of user-supplied URL. A remote attacker can pass  URL to the SMB share using the "file://" URI handler and read arbitrary files from local resources.

Example: file://localhost//hostname/home/secret.txt

Note, this issue affects Windows installations only.


2) OS Command Injection (CVE-ID: CVE-2019-14889)

The vulnerability allows a remote attacker to execute arbitrary shell commands on the target system.

The vulnerability exists due to incorrect handling of the SCP command parameters when initiating the connection within the ssh_scp_new() function. A remote attacker can trick victim into using a specially crafted SCP command to connect to a remote SCP server and execute arbitrary commands on the target server with privileges of the current user.


3) Input validation error (CVE-ID: CVE-2019-19646)

The vulnerability allows a remote attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to insufficient validation of NOT NULL in an integrity_check PRAGMA command in pragma.c when generating certain columns. A remote attacker can perform a denial of service attack.


Remediation

Install update from vendor's website.

References