CVE-2017-10379

CVSS v3.1 6.5 (Medium)

CVSS v2.0 4 (Medium)

EPSS 0.26 % (66^th)

Affected Products 17

Advisories 20

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 6.5 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:N/A:N).

Weaknesses

CWE-863: Incorrect Authorization

CVE Status: PUBLISHED
CNA: Oracle
Published Date: 2017-10-19 17:29:05
(7 years ago)
Updated Date: 2022-07-19 17:09:23
(2 years ago)

Affected Products

Debian

Debian Linux

Mariadb

Mariadb

Netapp

Oracle

Mysql

Redhat

Configuration #1

	CPE23	From	Up To
Oracle Mysql from 5.5.0 version and 5.5.57 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.5.0	<= 5.5.57
Oracle Mysql from 5.6.0 version and 5.6.37 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.6.0	<= 5.6.37
Oracle Mysql from 5.7.0 version and 5.7.19 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.7.0	<= 5.7.19

Configuration #2

	CPE23	From	Up To
Mariadb from 5.5.0 version and prior 5.5.57 version	cpe:2.3:a:mariadb:mariadb	>= 5.5.0	< 5.5.57
Mariadb from 10.0.0 version and prior 10.0.32 version	cpe:2.3:a:mariadb:mariadb	>= 10.0.0	< 10.0.32
Mariadb from 10.1.0 version and prior 10.1.26 version	cpe:2.3:a:mariadb:mariadb	>= 10.1.0	< 10.1.26
Mariadb from 10.2.0 version and prior 10.2.8 version	cpe:2.3:a:mariadb:mariadb	>= 10.2.0	< 10.2.8

Configuration #3

		CPE23	From	Up To
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0

Configuration #4

		CPE23	From	Up To
	Redhat Openstack 12	cpe:2.3:a:redhat:openstack:12
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Eus 7.5	cpe:2.3:o:redhat:enterprise_linux_eus:7.5
	Redhat Enterprise Linux Eus 7.6	cpe:2.3:o:redhat:enterprise_linux_eus:7.6
	Redhat Enterprise Linux Eus 7.7	cpe:2.3:o:redhat:enterprise_linux_eus:7.7
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
	Redhat Enterprise Linux Server Aus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Server Tus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0

Configuration #5

	CPE23	From	Up To
Netapp Active Iq Unified Manager for Windows from 7.3 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows	>= 7.3
Netapp Active Iq Unified Manager for Vmware Vsphere from 9.5 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere	>= 9.5
Netapp Oncommand Balance	cpe:2.3:a:netapp:oncommand_balance:-
Netapp Oncommand Insight	cpe:2.3:a:netapp:oncommand_insight:-
Netapp Oncommand Performance Manager for Vmware Vsphere	cpe:2.3:a:netapp:oncommand_performance_manager:-:::::vmware_vsphere
Netapp Oncommand Unified Manager for Vsphere 7.1 and prior versions	cpe:2.3:a:netapp:oncommand_unified_manager::::::vsphere		<= 7.1
Netapp Oncommand Unified Manager for Windows 7.1 and prior versions	cpe:2.3:a:netapp:oncommand_unified_manager::::::windows		<= 7.1
Netapp Oncommand Workflow Automation	cpe:2.3:a:netapp:oncommand_workflow_automation:-
Netapp Snapcenter	cpe:2.3:a:netapp:snapcenter:-