TR-20-043 (MySQL Zafiyeti)

Genel Bilgi

MySQL ve eklentilerinde kritik zafiyetleri tespit edildi.

Etki

Birden çok mevcut güvenlik açıklığı nedeniyle, siber saldırganlar tarafından hedef alınan sistemlerde DoS zafiyetine sebebiyet verebilmektedir. Bu zafiyetin ileriki zamanlarda zararlı yazılım yaymakta da kullanılabileceği öngörülmektedir. CVE-2020-2570, CVE-2020-2572, CVE-2020-2573, CVE-2020-2574, CVE-2020-2577, CVE-2020-2579, CVE-2020-2580, CVE-2020-2584, CVE-2020-2588, CVE-2020-2589, CVE-2020-2627, CVE-2020-2660, CVE-2020-2679, CVE-2020-2686 ve CVE-2020-2694 .

Çözüm

Ulusal Siber Olaylara Müdahale Merkezi (USOM), sistem yöneticilerine; MySQL güncellemelerini ivedilikle yapmalarını önermektedir.

Kaynaklar


https://nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2572
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2573
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2574
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2577
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2579
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2580
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2584
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2588
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2589
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2627
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2660
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2679
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2686
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2020-2694 

2020-01-17