CVE-2017-3313medium
Description
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: MyISAM). Supported versions that are affected are 5.5.53 and earlier, 5.6.34 and earlier and 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS v3.0 Base Score 4.7 (Confidentiality impacts).
References
http://www.debian.org/security/2017/dsa-3767
http://www.debian.org/security/2017/dsa-3809
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
http://www.securityfocus.com/bid/95527
http://www.securitytracker.com/id/1037640
https://access.redhat.com/errata/RHSA-2017:2192
https://access.redhat.com/errata/RHSA-2017:2787
https://access.redhat.com/errata/RHSA-2017:2886
https://access.redhat.com/errata/RHSA-2018:0279
Details
Source: MITRE
Published: 2017-01-27
Updated: 2019-05-22
Type: CWE-200
Risk Information
CVSS v2
Base Score: 1.5
Vector: AV:L/AC:M/Au:S/C:P/I:N/A:N
Impact Score: 2.9
Exploitability Score: 2.7
Severity: LOW
CVSS v3
Base Score: 4.7
Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N
Impact Score: 3.6
Exploitability Score: 1
Severity: MEDIUM