TR-20-243 (MySQL Zafiyeti)

Genel Bilgi

MySQL ve eklentilerinde kritik DoS ve ACE zafiyetleri tespit edildi.

Etki

Birden çok mevcut güvenlik açıklığı nedeniyle, siber saldırganlar tarafından hedef alınan sistemlerde DoS zafiyetine sebebiyet verebilmektedir. Bu zafiyetin ileriki zamanlarda zararlı yazılım yaymakta da kullanılabileceği öngörülmektedir. CVE-2020-3194, CVE-2020-2752, CVE-2020-2759, CVE-2020-2760, CVE-2020-2761, CVE-2020-2762, CVE-2020-2763, CVE-2020-2765, CVE-2020-2768, CVE-2020-2770, CVE-2020-2774, CVE-2020-2779, CVE-2020-2780, CVE-2020-2790, CVE-2020-2804, CVE-2020-2806, CVE-2020-2812, CVE-2020-2814, CVE-2020-2853, CVE-2020-2875, CVE-2020-2892, CVE-2020-2893, CVE-2020-2895, CVE-2020-2896, CVE-2020-2897, CVE-2020-2898, CVE-2020-2901, CVE-2020-2903, CVE-2020-2904, CVE-2020-2921, CVE-2020-2922, CVE-2020-2923, CVE-2020-2924, CVE-2020-2925, CVE-2020-2926, CVE-2020-2928, CVE-2020-2930, CVE-2020-2933 ve CVE-2020-2934 .

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; MySQL güncellemelerini ivedilikle yapmalarını önermektedir.

Kaynaklar

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2752

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2759

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2760

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2761

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2762

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2763

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2765

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2768

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2752

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2759

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2760

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2761

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2762

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2763

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2765

https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2768

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2934

2020-04-17