admin/nvd-json-data-feeds
1
0
Fork 0
mirror of https://github.com/fkie-cad/nvd-json-data-feeds.git synced 2025-06-12 02:04:49 +00:00
Code Issues Packages Projects Releases Wiki Activity
nvd-json-data-feeds/CVE-2017/CVE-2017-33xx/CVE-2017-3312.json
cad-safe-bot e6cbafdc40 Auto-Update: 2024-12-08T03:00:18.988682+00:00
2024-12-08 03:06:42 +00:00

334 lines
10 KiB
JSON
Raw Blame History

{
"id": "CVE-2017-3312",
"sourceIdentifier": "secalert_us@oracle.com",
"published": "2017-01-27T22:59:04.350",
"lastModified": "2024-11-21T03:25:15.560",
"vulnStatus": "Modified",
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Packaging). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS v3.0 Base Score 6.7 (Confidentiality, Integrity and Availability impacts)."
},
{
"lang": "es",
"value": "Vulnerabilidad en el componente MySQL Server de Oracle MySQL (subcomponente: Server: Packaging). Versiones compatibles que est\u00e1n afectadas son 5.5.53 y versiones anteriores, 5.6.34 y versiones anteriores y 5.7.16 y versiones anteriores. Vulnerabilidad de dif\u00edcil explotaci\u00f3n permite a un atacante poco privilegiado con un inicio de sesi\u00f3n a la infraestructura donde MySQL Server se ejecuta, comprometer MySQL Server. Ataques exitosos requieren interacci\u00f3n humana de una persona distinta del atacante. Ataques exitosos de esta vulnerabilidad pueden resultar en la toma de control de MySQL Server. CVSS v3.0 Base Score 6.7 (Impactos de Integridad, Confidencialidad y Disponibilidad)."
}
],
"metrics": {
"cvssMetricV31": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "3.1",
"vectorString": "CVSS:3.1/AV:L/AC:H/PR:L/UI:R/S:U/C:H/I:H/A:H",
"baseScore": 6.7,
"baseSeverity": "MEDIUM",
"attackVector": "LOCAL",
"attackComplexity": "HIGH",
"privilegesRequired": "LOW",
"userInteraction": "REQUIRED",
"scope": "UNCHANGED",
"confidentialityImpact": "HIGH",
"integrityImpact": "HIGH",
"availabilityImpact": "HIGH"
},
"exploitabilityScore": 0.8,
"impactScore": 5.9
}
],
"cvssMetricV2": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"cvssData": {
"version": "2.0",
"vectorString": "AV:L/AC:H/Au:S/C:P/I:P/A:P",
"baseScore": 3.5,
"accessVector": "LOCAL",
"accessComplexity": "HIGH",
"authentication": "SINGLE",
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"availabilityImpact": "PARTIAL"
},
"baseSeverity": "LOW",
"exploitabilityScore": 1.5,
"impactScore": 6.4,
"acInsufInfo": false,
"obtainAllPrivilege": false,
"obtainUserPrivilege": false,
"obtainOtherPrivilege": false,
"userInteractionRequired": true
}
]
},
"weaknesses": [
{
"source": "nvd@nist.gov",
"type": "Primary",
"description": [
{
"lang": "en",
"value": "NVD-CWE-noinfo"
}
]
}
],
"configurations": [
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndIncluding": "5.5.53",
"matchCriteriaId": "DA05707F-9B38-4C5D-9367-D7DF52658AEB"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.6.0",
"versionEndIncluding": "5.6.34",
"matchCriteriaId": "E9C89C4E-C358-485A-9097-50232C9C6F22"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.7.0",
"versionEndIncluding": "5.7.16",
"matchCriteriaId": "5E5267D6-D424-4FB6-80CD-E13132083522"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
"matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43"
}
]
}
]
},
{
"nodes": [
{
"operator": "OR",
"negate": false,
"cpeMatch": [
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "5.5.0",
"versionEndExcluding": "5.5.54",
"matchCriteriaId": "7425B1AD-88EE-4E62-8F91-F3FE413F0F4E"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.0.0",
"versionEndExcluding": "10.0.29",
"matchCriteriaId": "5750A91A-1784-4DE9-B72C-61A3B48B0892"
},
{
"vulnerable": true,
"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
"versionStartIncluding": "10.1.0",
"versionEndExcluding": "10.1.21",
"matchCriteriaId": "70247F46-D133-4E30-AE2F-8974DEFDA1AA"
}
]
}
]
}
],
"references": [
{
"url": "http://www.debian.org/security/2017/dsa-3767",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2017/dsa-3770",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"source": "secalert_us@oracle.com",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/95491",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037640",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2192",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2787",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2886",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0279",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0574",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201702-17",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201702-18",
"source": "secalert_us@oracle.com",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2017/dsa-3767",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.debian.org/security/2017/dsa-3770",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"Vendor Advisory"
]
},
{
"url": "http://www.securityfocus.com/bid/95491",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "http://www.securitytracker.com/id/1037640",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory",
"VDB Entry"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2192",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2787",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2017:2886",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0279",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://access.redhat.com/errata/RHSA-2018:0574",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201702-17",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
},
{
"url": "https://security.gentoo.org/glsa/201702-18",
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Third Party Advisory"
]
}
]
}
Reference in New Issue View Git Blame Copy Permalink