CVE-2018-2612

Name of the Vulnerable Software and Affected Versions MySQL Server versions 5.6.38 and prior MySQL Server versions 5.7.20 and prior

Description The issue is related to inadequate access control in the InnoDB component of the MySQL database management system. Exploitation of this issue can allow a remote attacker to gain privileges for creating, deleting, and modifying MySQL data or cause a denial of service. The vulnerability can be easily exploited by a high-privileged attacker with network access via multiple protocols, potentially resulting in unauthorized access to critical data or all accessible data on the MySQL Server, as well as the ability to cause the server to hang or crash repeatedly.

Recommendations For MySQL Server versions 5.6.38 and prior, update to a version later than 5.6.38 to resolve the issue. For MySQL Server versions 5.7.20 and prior, update to a version later than 5.7.20 to resolve the issue. As a temporary workaround, consider restricting network access to the MySQL Server to minimize the risk of exploitation.