MariaDB 10.1 < 10.1.31 Multiple Vulnerabilities
high Nessus Plugin ID 121422
Language:
Synopsis
The remote database server is affected by multiple vulnerabilitiesDescription
The version of MariaDB running of remote host is 10.1 prior to 10.1.31. It is, therefore, affected by multiple vulnerabilitiesSolution
Upgrade to MariaDB version 10.1.31 or later.See Also
https://lists.askmonty.org/cgi-bin/mailman/listinfo/announce
https://mariadb.com/kb/en/mdb-10131-rn
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2562
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2612
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2622
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2640
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2665
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-2668
http://cve.mitre.org/cgi/bin/cvename.cgi?name=CVE-2018-3133
http://www.nessus.org/u?9e7fe54c
https://jira.mariadb.org/browse/MDEV-13205
https://jira.mariadb.org/browse/MDEV-13499
https://jira.mariadb.org/browse/MDEV-14174
https://jira.mariadb.org/browse/MDEV-14776
https://jira.mariadb.org/browse/MDEV-14799
Plugin Details
Severity: High
ID: 121422
File Name: mariadb_10_1_31.nasl
Version: 1.5
Type: remote
Family: Databases
Published: 1/28/2019
Updated: 11/18/2022
Supported Sensors: Frictionless Assessment Agent
Risk Information
VPR
Risk Factor: Medium
Score: 6
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:C
Temporal Vector: E:U/RL:OF/RC:C
CVSS Score Source: CVE-2018-2612
CVSS v3
Risk Factor: High
Base Score: 7.1
Temporal Score: 6.2
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
Temporal Vector: E:U/RL:O/RC:C
CVSS Score Source: CVE-2018-2562
Vulnerability Information
CPE: cpe:/a:mariadb:mariadb
Exploit Ease: No known exploits are available
Patch Publication Date: 2/6/2018
Vulnerability Publication Date: 1/17/2018
Reference Information
CVE: CVE-2018-2562, CVE-2018-2612, CVE-2018-2622, CVE-2018-2640, CVE-2018-2665, CVE-2018-2668