Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.5
CVSSv2

CVE-2017-3586

Published: 24/04/2017 Updated: 03/10/2019
CVSS v2 Base Score: 5.5 | Impact Score: 4.9 | Exploitability Score: 8
CVSS v3 Base Score: 6.4 | Impact Score: 2.7 | Exploitability Score: 3.1
VMScore: 490
Vector: AV:N/AC:L/Au:S/C:P/I:P/A:N
Subscribe to Oracle

Vulnerability Summary

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and previous versions. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data as well as unauthorized read access to a subset of MySQL Connectors accessible data. CVSS 3.0 Base Score 6.4 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N).

Vulnerable Product Search on Vulmon Subscribe to Product

oracle mysql connectors

Vendor Advisories

Debian Security Advisories: DSA-3857-1 mysql-connector-java -- security update
Two vulnerabilities have been found in the MySQL Connector/J JDBC driver For the stable distribution (jessie), these problems have been fixed in version 5142-1~deb8u1 For the upcoming stable distribution (stretch), these problems have been fixed in version 5142-1 For the unstable distribution (sid), these problems have been fixed in version ...
Red Hat: CVE-2017-3586
Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J) Supported versions that are affected are 5141 and earlier Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors While the vulnerability is in MySQL Connectors, attacks ...

References

NVD-CWE-noinfohttp://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.htmlhttp://www.securityfocus.com/bid/97784http://www.securityfocus.com/bid/97982http://www.securitytracker.com/id/1038287http://www.debian.org/security/2017/dsa-3857https://nvd.nist.govhttps://www.debian.org/security/./dsa-3857
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2022-38028CVE-2024-32406CVE-2024-25624IMAPCVE-2024-2310CVE-2024-0874CVE-2024-20359XXEremote code execution
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook