CVE-2017-3305

Name of the Vulnerable Software and Affected Versions Oracle MySQL versions 5.5.55 and earlier Oracle MySQL versions 5.6.35 and earlier

Description The issue allows a low-privileged attacker with network access via multiple protocols to compromise the MySQL Server, potentially resulting in unauthorized access to critical data or complete access to all MySQL Server accessible data. It is difficult to exploit and requires a high level of access. Successful attacks can also cause a hang or complete denial of service (DOS) of the MySQL Server.

Recommendations For Oracle MySQL versions 5.5.55 and earlier, update to a version later than 5.5.55 to resolve the issue. For Oracle MySQL versions 5.6.35 and earlier, update to a version later than 5.6.35 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.