PT-2016-7895 · Oracle+7 · Mysql Server+6

Published

2016-12-24

Updated

2023-12-29

CVE-2017-3291

CVSS v3.1

6.3

Medium

Vector

AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.5.53 and earlier MySQL Server versions 5.6.34 and earlier MySQL Server versions 5.7.16 and earlier

Description The issue allows a high privileged attacker to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and can result in the takeover of MySQL Server. The attacker can also cause a hang or frequently repeatable crash of MySQL Server, leading to a denial of service.

Recommendations For versions 5.5.53 and earlier, update to a version later than 5.5.53 to resolve the issue. For versions 5.6.34 and earlier, update to a version later than 5.6.34 to resolve the issue. For versions 5.7.16 and earlier, update to a version later than 5.7.16 to resolve the issue.

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2017-1061

ALT-PU-2017-1407

CESA-2017_2192

CVE-2017-3291

DLA-797-1

DSA-3767-1

DSA-3770-1

MGASA-2017-0054

OPENSUSE-SU-2017_0479-1

OPENSUSE-SU-2017_0486-1

OPENSUSE-SU-2017_0618-1

RHSA-2017:2192

RHSA-2017:2787

RHSA-2017:2886

RHSA-2017_2192

RHSA-2018:0279

RHSA-2018:0574

SUSE-RU-2023:3956-1

SUSE-RU-2023:4991-1

SUSE-SU-2017:0408-1

SUSE-SU-2017:0411-1

SUSE-SU-2017:0412-1

USN-3174-1

Affected Products

Alt Linux

Centos

Mariadb Server

Mysql Server

Red Hat

Suse

Ubuntu

PT-2016-7895 · Oracle+7 · Mysql Server+6

CVE-2017-3291

Related Identifiers

Affected Products

References · 584