---

CVE-2019-2435 - log back

CVE-2019-2435 created at 25 Sep 2019 19:31:40
Severity	+ High
Remote	+ Remote
Type	+ Authentication bypass
Description	+ A flaw was found in mysql-connector prior to version 8.0.13. Unauthenticated attacker with network access via TLS could compromise MySQL Connectors. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized creation, deletion or modification access to critical data.
References	+ https://github.com/mysql/mysql-connector-python/commit/069bc6737dd13b7f3a41d7fc23b789b659d8e205 + https://security.netapp.com/advisory/ntap-20190118-0002/ + https://www.oracle.com/technetwork/security-advisory/cpujan2019-5072801.html
Notes