PT-2017-15959 · Mysql Server+1 · Mysql Connectors+1

Published

2017-04-24

Updated

2024-06-15

CVE-2017-3523

CVSS v3.1

8.5

High

Vector

AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H

Name of the Vulnerable Software and Affected Versions MySQL Connectors versions 5.1.40 and earlier

Description The issue allows a low-privileged attacker with network access via multiple protocols to compromise MySQL Connectors, potentially leading to a takeover. Although the vulnerability is in MySQL Connectors, attacks may have a significant impact on additional products.

Recommendations For versions 5.1.40 and earlier, update to a version later than 5.1.40 to resolve the issue.

Fix

Improper Access Control

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-284

Related Identifiers

CVE-2017-3523

DLA-945-1

DSA-3840-1

GHSA-2XXH-F8R3-HVVR

MGASA-2017-0382

OPENSUSE-SU-2024:11071-1

SUSE-SU-2017:2591-1

SUSE-SU-2017_2591-1

Affected Products

Mysql Connectors

Suse

PT-2017-15959 · Mysql Server+1 · Mysql Connectors+1

CVE-2017-3523

Weakness Enumeration

Related Identifiers

Affected Products

References · 27