CVE-2018-3081

 

Published at: - 18-07-2018 03:29

Last modified: - 04-08-2022 09:58

Total changes: - 2

Description

Vulnerability in the MySQL Client component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Client. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Client as well as unauthorized update, insert or delete access to some of MySQL Client accessible data. CVSS 3.0 Base Score 5.0 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H).

Common Vulnerability Scoring System (CVSS)

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

 

Verification logic

 

Reference

• http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html
• 104779-Third Party Advisory, VDB Entry
• https://security.netapp.com/advisory/ntap-20180726-0002/
• 1041294-Third Party Advisory, VDB Entry
• USN-3725-2-Third Party Advisory
• USN-3725-1-Third Party Advisory
• [debian-lts-announce] 20181105 [SECURITY] [DLA 1566-1] mysql-5.5 security update-Mailing List, Third Party Advisory
• DSA-4341-Third Party Advisory
• RHSA-2018:3655-Third Party Advisory
• RHSA-2019:1258-Third Party Advisory
• RHSA-2019:2327-Third Party Advisory

 

Keywords

NVD

 

CVE-2018-3081

 

CVE

 

Common vulnerabilities & exposures

 

CVSS

 

Common vulnerability scoring system

 

Security

 

Vulnerabilities

 

Exposures