6.7

CVE-2017-3312

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts).

Daten sind bereitgestellt durch National Vulnerability Database (NVD)
OracleMysql Version >= 5.5.0 <= 5.5.53
OracleMysql Version >= 5.6.0 <= 5.6.34
OracleMysql Version >= 5.7.0 <= 5.7.16
DebianDebian Linux Version8.0
MariadbMariadb Version >= 5.5.0 < 5.5.54
MariadbMariadb Version >= 10.0.0 < 10.0.29
MariadbMariadb Version >= 10.1.0 < 10.1.21
Zu dieser CVE wurde keine CISA KEV oder CERT.AT-Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 0.22% 0.449
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 6.7 0.8 5.9
CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H
nvd@nist.gov 3.5 1.5 6.4
AV:L/AC:H/Au:S/C:P/I:P/A:P
http://www.securitytracker.com/id/1037640
Third Party Advisory
VDB Entry
http://www.securityfocus.com/bid/95491
Third Party Advisory
VDB Entry