2023-04-24 12:24:31 +02:00
{
"id" : "CVE-2017-10294" ,
"sourceIdentifier" : "secalert_us@oracle.com" ,
"published" : "2017-10-19T17:29:02.390" ,
2024-12-08 03:06:42 +00:00
"lastModified" : "2024-11-21T03:05:50.970" ,
2023-04-24 12:24:31 +02:00
"vulnStatus" : "Modified" ,
2024-07-14 02:06:08 +00:00
"cveTags" : [ ] ,
2023-04-24 12:24:31 +02:00
"descriptions" : [
{
"lang" : "en" ,
"value" : "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Optimizer). Supported versions that are affected are 5.6.37 and earlier and 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
} ,
{
"lang" : "es" ,
"value" : "Vulnerabilidad en el componente MySQL Server en Oracle MySQL (subcomponente: Server: Optimizer). Las versiones compatibles que se han visto afectadas son la 5.6.37 y anteriores, y la 5.7.19 y anteriores. Una vulnerabilidad f\u00e1cilmente explotable permite que un atacante con un alto nivel de privilegios que tenga acceso a red por medio de m\u00faltiples protocolos comprometa la seguridad de MySQL Server. Los ataques exitosos a esta vulnerabilidad pueden dar lugar a la capacidad no autorizada de provocar el bloqueo o cierre inesperado, frecuente y repetido (DoS completo) de MySQL Server. CVSS 3.0 Base Score 4.9 (impactos en la disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H)."
}
] ,
"metrics" : {
"cvssMetricV30" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "3.0" ,
"vectorString" : "CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 4.9 ,
"baseSeverity" : "MEDIUM" ,
2023-04-24 12:24:31 +02:00
"attackVector" : "NETWORK" ,
"attackComplexity" : "LOW" ,
"privilegesRequired" : "HIGH" ,
"userInteraction" : "NONE" ,
"scope" : "UNCHANGED" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "HIGH"
2023-04-24 12:24:31 +02:00
} ,
"exploitabilityScore" : 1.2 ,
"impactScore" : 3.6
}
] ,
"cvssMetricV2" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"cvssData" : {
"version" : "2.0" ,
"vectorString" : "AV:L/AC:L/Au:S/C:N/I:N/A:P" ,
2024-12-08 03:06:42 +00:00
"baseScore" : 1.7 ,
2023-04-24 12:24:31 +02:00
"accessVector" : "LOCAL" ,
"accessComplexity" : "LOW" ,
"authentication" : "SINGLE" ,
"confidentialityImpact" : "NONE" ,
"integrityImpact" : "NONE" ,
2024-12-08 03:06:42 +00:00
"availabilityImpact" : "PARTIAL"
2023-04-24 12:24:31 +02:00
} ,
"baseSeverity" : "LOW" ,
"exploitabilityScore" : 3.1 ,
"impactScore" : 2.9 ,
"acInsufInfo" : false ,
"obtainAllPrivilege" : false ,
"obtainUserPrivilege" : false ,
"obtainOtherPrivilege" : false ,
"userInteractionRequired" : false
}
]
} ,
"weaknesses" : [
{
"source" : "nvd@nist.gov" ,
"type" : "Primary" ,
"description" : [
{
"lang" : "en" ,
"value" : "NVD-CWE-noinfo"
}
]
}
] ,
"configurations" : [
{
"nodes" : [
{
"operator" : "OR" ,
"negate" : false ,
"cpeMatch" : [
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E0089EDF-4806-417D-A4F1-63FF03C5AEF3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "898A5CD5-83A5-4335-835F-759F82862753"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "C851FA0E-357E-4B9E-A441-9C74B3526B37"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B12FA18C-AB93-4522-AA2C-303342452E59"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "6FD31981-E3ED-41D0-92EB-ABA7490D60E5"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2E918FF1-8B40-4DC3-9269-1D3BFD18C58D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4BCD7C2D-49E9-4D78-90CF-F747A1584269"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7956E471-E98A-4527-A5F4-863210E09D5A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "615F499A-5C33-4E79-80FA-9A1453D8A3D4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "4AD40EA2-F432-4F89-9E59-0DB4D415CA85"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "41494A2D-4BBC-4C3B-841F-878C2430A444"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A62DA4D8-27B4-4026-9035-75AC35F58439"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D6DF5346-DC9A-4615-BEAC-2F5FD57C3B6B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E948C884-E747-4E7C-B111-4A8DA22E421C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.14:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0F933CF3-A850-4D3F-A16D-8129E246BF55"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.15:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "038D17E1-2932-4D47-A748-F8A1D46B6721"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.16:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "E9028492-4114-4C9A-9E88-4B6C4FA6CC2C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.17:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "B844437C-3D19-4F50-8FBC-B1D0BDDEC59E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.21:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2F96B5EE-782E-444F-8CA2-D178CD26FB3D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.22:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5798742F-986C-4A46-8815-48003192EE92"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.23:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "7081F919-3653-465F-8171-80FA4E5D5E2A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.26:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0EB0F1D5-7355-4160-8C31-B109C6BA9BE4"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.27:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "EFF1373B-0F2A-402F-A402-D56CAEFB98EC"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.28:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "8FC0F977-D5B8-4528-9B57-4A9DEB500F40"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.29:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "1775D2BE-117C-447C-B934-3F24E387F981"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.30:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "22D8DCD5-9E5C-433A-9737-5EA50B48EA92"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.31:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "08D4C576-99EB-4890-B0BD-58F0DF60963E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.32:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5037477B-FE67-4474-930A-50A2EE72E2CD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.33:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "00A47740-11D4-4C1C-9AD7-0DF600BD3A17"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.34:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DCB0B03F-A264-4113-8961-41C28333503A"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.35:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "88127FDE-4695-4AC9-B6BA-F57149B2770D"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.36:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "034D7BE0-14EA-4CCB-91DF-3B1A4A8AA78C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.6.37:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "BD09E3CF-B900-4B0A-BFE7-8BADA709AD1B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.0:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "006CE9D3-B3EC-4E4A-91AB-DCD2A32A271F"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.1:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "112BF532-FD22-4EFD-9D53-8999CB91FCDB"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.2:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F52D0C21-DDA9-43BC-BA88-38CAC12907F8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.3:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "5B99FD46-71DF-464C-9E78-4B6F125B52BD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.4:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "56DD8C71-3CE1-43D7-A7FE-33B39726262B"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.5:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "2149A153-FB6A-4833-B382-39B762249BC2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.6:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "3238F3F7-13F0-49FE-BA3E-B6F6570A46EE"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.7:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "40E583CD-F1D5-43C0-9195-940BBB0C8650"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.8:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "440D9A94-D9E8-41C7-8ADC-9EA7CA4001E2"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.9:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D6C2EBC1-A32C-4866-8B19-2612DCA74A7C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.10:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "9B09B320-E2C0-4B6B-846D-FCE5F65E4DFD"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.11:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "CCA6A107-9B65-43C0-9EBA-69D83987F570"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.12:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "304EA995-F08B-4401-8736-515583E1027C"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.13:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "A4B3F4DB-9290-448F-A41F-4ACE1802EB80"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.14:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "DA58E346-4DEE-4429-9B57-41C05EE258F8"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.15:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "62601284-98D9-403F-8270-300AE1AB8A6E"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.16:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "0B210C1E-8220-40DA-9976-2BFE209DD6A3"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.17:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "69905126-C49A-4C38-8C31-6E34CA4E8322"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.18:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "F82934F3-6C0D-4002-9E77-22A88DECE9C9"
} ,
{
"vulnerable" : true ,
"criteria" : "cpe:2.3:a:oracle:mysql:5.7.19:*:*:*:*:*:*:*" ,
"matchCriteriaId" : "D8EF3DE1-DEF2-4AC0-8B36-0897402520A0"
}
]
}
]
}
] ,
"references" : [
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" ,
"source" : "secalert_us@oracle.com" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/101444" ,
"source" : "secalert_us@oracle.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://www.securitytracker.com/id/1039597" ,
"source" : "secalert_us@oracle.com" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2017:3265" ,
"source" : "secalert_us@oracle.com"
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2017:3442" ,
"source" : "secalert_us@oracle.com"
} ,
{
"url" : "https://security.netapp.com/advisory/ntap-20171019-0002/" ,
"source" : "secalert_us@oracle.com"
2024-12-08 03:06:42 +00:00
} ,
{
"url" : "http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Patch" ,
"Vendor Advisory"
]
} ,
{
"url" : "http://www.securityfocus.com/bid/101444" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "http://www.securitytracker.com/id/1039597" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108" ,
"tags" : [
"Third Party Advisory" ,
"VDB Entry"
]
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2017:3265" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://access.redhat.com/errata/RHSA-2017:3442" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
} ,
{
"url" : "https://security.netapp.com/advisory/ntap-20171019-0002/" ,
"source" : "af854a3a-2127-422b-91ae-364da2661108"
2023-04-24 12:24:31 +02:00
}
]
}
