CVE-2018-2755

CVSS v3.1 7.7 (High)

CVSS v2.0 3.7 (Low)

EPSS 0.10 % (42^th)

Affected Products 15

Advisories 36

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).

Weaknesses

CWE-NVD-noinfo

CVE Status: PUBLISHED
CNA: Oracle
Published Date: 2018-04-19 02:29:01
(6 years ago)
Updated Date: 2022-07-19 17:02:18
(2 years ago)

Affected Products

Netapp

Oracle

Mysql

Redhat

Configuration #1

	CPE23	From	Up To
Oracle Mysql from 5.5.0 version and 5.5.59 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.5.0	<= 5.5.59
Oracle Mysql from 5.6.0 version and 5.6.39 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.6.0	<= 5.6.39
Oracle Mysql from 5.7.0 version and 5.7.21 and prior versions	cpe:2.3:a:oracle:mysql	>= 5.7.0	<= 5.7.21

Configuration #2

		CPE23	From	Up To
	Debian Linux 7.0	cpe:2.3:o:debian:debian_linux:7.0
	Debian Linux 8.0	cpe:2.3:o:debian:debian_linux:8.0
	Debian Linux 9.0	cpe:2.3:o:debian:debian_linux:9.0

Configuration #3

		CPE23	From	Up To
	Canonical Ubuntu Linux 12.04	cpe:2.3:o:canonical:ubuntu_linux:12.04:::*:-
	Canonical Ubuntu Linux 14.04	cpe:2.3:o:canonical:ubuntu_linux:14.04:::*:esm
	Canonical Ubuntu Linux 16.04	cpe:2.3:o:canonical:ubuntu_linux:16.04:::*:esm
	Canonical Ubuntu Linux 17.10	cpe:2.3:o:canonical:ubuntu_linux:17.10
	Canonical Ubuntu Linux 18.04	cpe:2.3:o:canonical:ubuntu_linux:18.04:::*:lts

Configuration #4

	CPE23	From	Up To
Mariadb from 5.5.0 version and prior 5.5.60 version	cpe:2.3:a:mariadb:mariadb	>= 5.5.0	< 5.5.60
Mariadb from 10.0.0 version and prior 10.0.35 version	cpe:2.3:a:mariadb:mariadb	>= 10.0.0	< 10.0.35
Mariadb from 10.1.0 version and prior 10.1.33 version	cpe:2.3:a:mariadb:mariadb	>= 10.1.0	< 10.1.33
Mariadb from 10.2.0 version and prior 10.2.15 version	cpe:2.3:a:mariadb:mariadb	>= 10.2.0	< 10.2.15

Configuration #5

	CPE23	From
Netapp Active Iq Unified Manager for Windows from 7.3 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::windows	>= 7.3
Netapp Active Iq Unified Manager for Vmware Vsphere from 9.5 version	cpe:2.3:a:netapp:active_iq_unified_manager::::::vmware_vsphere	>= 9.5
Netapp Oncommand Insight	cpe:2.3:a:netapp:oncommand_insight:-
Netapp Oncommand Workflow Automation	cpe:2.3:a:netapp:oncommand_workflow_automation:-
Netapp Snapcenter	cpe:2.3:a:netapp:snapcenter:-

Configuration #6

		CPE23	From	Up To
	Redhat Openstack 12	cpe:2.3:a:redhat:openstack:12
	Redhat Enterprise Linux Desktop 7.0	cpe:2.3:o:redhat:enterprise_linux_desktop:7.0
	Redhat Enterprise Linux Eus 7.5	cpe:2.3:o:redhat:enterprise_linux_eus:7.5
	Redhat Enterprise Linux Eus 7.6	cpe:2.3:o:redhat:enterprise_linux_eus:7.6
	Redhat Enterprise Linux Eus 7.7	cpe:2.3:o:redhat:enterprise_linux_eus:7.7
	Redhat Enterprise Linux Server 7.0	cpe:2.3:o:redhat:enterprise_linux_server:7.0
	Redhat Enterprise Linux Server Aus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6
	Redhat Enterprise Linux Server Aus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7
	Redhat Enterprise Linux Server Tus 7.6	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6
	Redhat Enterprise Linux Server Tus 7.7	cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7
	Redhat Enterprise Linux Workstation 7.0	cpe:2.3:o:redhat:enterprise_linux_workstation:7.0