CVE-2017-3318

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 5.5.53 and earlier Oracle MySQL versions 5.6.34 and earlier Oracle MySQL versions 5.7.16 and earlier

Description The issue allows a high-privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. The vulnerability can also be exploited by an attacker with network access via multiple protocols, potentially causing a hang or frequently repeatable crash (complete DOS) of MySQL Server.

Recommendations For versions 5.5.53 and earlier, update to a version later than 5.5.53 to resolve the issue. For versions 5.6.34 and earlier, update to a version later than 5.6.34 to resolve the issue. For versions 5.7.16 and earlier, update to a version later than 5.7.16 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.