Loading HuntDB...
Hunt
Vulnerability Intelligence by wss.sh
Home Daily Briefings High Impact CVEs Recent Exploits KEV Catalog GitHub Advisories Latest Updates Security News
Sign In Sign Up

CVE-2017-3265

UNKNOWN
Published 2017-01-27T22:01:00
Actions:

Expert Analysis

Professional remediation guidance

Get tailored security recommendations from our analyst team for CVE-2017-3265. We'll provide specific mitigation strategies based on your environment and risk profile.

No CVSS data available

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).

Available Exploits

No exploits available for this CVE.

Related News

No news articles found for this CVE.

Affected Products

Oracle

MySQL Server

Affected Versions:

5.5.53 and earlier 5.6.34 and earlier 5.7.16 and earlier

GitHub Security Advisories

Community-driven vulnerability intelligence from GitHub

⚠ Unreviewed MODERATE

GHSA-x6m4-gw2j-999q

Advisory Details

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 5.6 (Confidentiality and Availability impacts).

CVSS Scoring

CVSS Score

5.0

CVSS Vector

CVSS:3.0/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:H

References

ADVISORY https://nvd.nist.gov/vuln/detail/CVE-2017-3265
WEB https://access.redhat.com/errata/RHSA-2017:2192
WEB https://access.redhat.com/errata/RHSA-2017:2787
WEB https://access.redhat.com/errata/RHSA-2018:0279
WEB https://access.redhat.com/errata/RHSA-2018:0574
WEB https://security.gentoo.org/glsa/201702-17
WEB https://security.gentoo.org/glsa/201702-18
WEB http://www.debian.org/security/2017/dsa-3767
WEB http://www.debian.org/security/2017/dsa-3770
WEB http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
WEB http://www.securityfocus.com/bid/95520
WEB http://www.securitytracker.com/id/1037640

Advisory provided by GitHub Security Advisory Database. Published: May 13, 2022, Modified: May 13, 2022

References

https://access.redhat.com/errata/RHSA-2017:2787
https://security.gentoo.org/glsa/201702-17
https://access.redhat.com/errata/RHSA-2018:0574
https://security.gentoo.org/glsa/201702-18
http://www.securitytracker.com/id/1037640
http://www.securityfocus.com/bid/95520
https://access.redhat.com/errata/RHSA-2018:0279
http://www.debian.org/security/2017/dsa-3767
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
http://www.debian.org/security/2017/dsa-3770
https://access.redhat.com/errata/RHSA-2017:2192
Published: 2017-01-27T22:01:00
Last Modified: 2024-10-09T19:38:08.370Z
Copied to clipboard!