PT-2017-15959 · Mysql Server+1 · Mysql Connectors+1

Publicado

2017-04-24

Atualizado

2024-06-15

CVE-2017-3523

CVSS v3.1

8.5

Alta

Vetor

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MySQL Connectors versions 5.1.40 and earlier

Description The issue allows a low-privileged attacker with network access via multiple protocols to compromise MySQL Connectors, potentially leading to a takeover. Although the vulnerability is in MySQL Connectors, attacks may have a significant impact on additional products.

Recommendations For versions 5.1.40 and earlier, update to a version later than 5.1.40 to resolve the issue.

Correção

Improper Access Control

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-284

Identificadores relacionados

CVE-2017-3523

DLA-945-1

DSA-3840-1

GHSA-2XXH-F8R3-HVVR

MGASA-2017-0382

OPENSUSE-SU-2024:11071-1

SUSE-SU-2017:2591-1

SUSE-SU-2017_2591-1

Produtos afetados

Mysql Connectors

Suse

PT-2017-15959 · Mysql Server+1 · Mysql Connectors+1

CVE-2017-3523

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 27