PT-2017-16017 · Oracle+1 · Mysql Connector/J+1
Publicado
2017-04-24
·
Atualizado
2022-05-13
·
CVE-2017-3586
CVSS v3.1
6.4
Média
| Vetor | AV:N/AC:L/PR:L/UI:N/S:C/C:L/I:L/A:N |
Name of the Vulnerable Software and Affected Versions
Oracle MySQL Connector/J versions 5.1.41 and earlier
Description
A vulnerability in the MySQL Connectors component allows a low-privileged attacker with network access via multiple protocols to compromise MySQL Connectors, potentially impacting additional products. Successful attacks can result in unauthorized update, insert, or delete access to some of MySQL Connectors' accessible data, as well as unauthorized read access to a subset of MySQL Connectors' accessible data.
Recommendations
For versions 5.1.41 and earlier, update to a version later than 5.1.41 to resolve the issue.
Correção
Information Disclosure
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Mysql Connector/J
Suse