ALERT: Some images may not load properly within the Knowledge Base Article. If you see a broken image, please right-click and select 'Open image in a new tab'. We apologize for this inconvenience.

NFA - Mysql vulnerabilities

book

Article ID: 226762

calendar_today

Updated On:

Products

CA Network Flow Analysis (NetQos / NFA) DX NetOps

Issue/Introduction

MySQL 5.7.x < 5.7.27 Multiple Vulnerabilities (Jul 2019 CPU)
CVE-2018-16890,CVE-2019-2737,CVE-2019-2738,CVE-2019-2739,CVE-2019-2740,CVE-2019-2741,CVE-2019-2757,CVE-2019-2758,CVE-2019-2774,CVE-2019-2778,CVE-2019-2791,CVE-2019-2797,CVE-2019-2805,CVE-2019-2819,CVE-2019-2948,CVE-2019-2969,CVE-2019-3822,CVE-2019-3823


NetFlow - MySQL 5.7.x < 5.7.34 Multiple Vulnerabilities (Apr 2021 CPU)
CVE-2021-2146,CVE-2021-2154,CVE-2021-2162,CVE-2021-2166,CVE-2021-2169,CVE-2021-2171,CVE-2021-2174,CVE-2021-2179,CVE-2021-2180,CVE-2021-2194,CVE-2021-2226,CVE-2021-2307,CVE-2021-3449,CVE-2021-23841


MySQL 5.7.x < 5.7.35 Multiple Vulnerabilities (Jul 2021 CPU)
CVE-2019-17543,CVE-2021-2342,CVE-2021-2356,CVE-2021-2372,CVE-2021-2385,CVE-2021-2389,CVE-2021-2390,CVE-2021-22901


Oracle MySQL Connectors OpenSSL (Jan 2020 CPU)
CVE-2019-1547

 

 

Environment

Release : 20.2.x

Component :NFA 

Resolution

 Netops 21.2.1 /NFA release 21.2.1 has Mysql version 5.7.33 and should be addressing vulnerabilities for mysql version less than 5.7.33 

Netops 21.2.4/ NFA 21.2.4 uses Mysql 5.7.35 should be addressing vulnerabilities for mysql version less than 5.7.35

Netops 21.2.4/ NFA 21.2.4 uses openssl version 1.1.1K and should be addressing CVE-2019-1547

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=AvjLN723yjFig18GpOhSmQ==

Openssl version 1.1.1K

https://api-broadcom-ca.wolkenservicedesk.com/attachment/get_attachment_content?uniqueFileId=tqRKoGW+fYxlG/43avr3Qg==