CVE-2017-3469

Vulnerability in the MySQL Workbench component of Oracle MySQL (subcomponent: Workbench: Security : Encryption). Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Workbench. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Workbench accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
oracleCNA
---
---
CVEADP
---
---
CISA-ADPADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
VendorProductVersion
oraclemysql_workbench
𝑥
≤ 6.3.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mysql-workbench
sid
8.0.32+dfsg-2
fixed
stretch
no-dsa
jessie
no-dsa
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mysql-workbench
noble
dne
mantic
dne
lunar
dne
kinetic
dne
impish
not-affected
hirsute
dne
groovy
dne
focal
dne
eoan
not-affected
disco
dne
cosmic
not-affected
bionic
needed
artful
ignored
zesty
ignored
yakkety
ignored
xenial
needed
trusty
dne
precise
ignored
References
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.securityfocus.com/bid/97833
http://www.securitytracker.com/id/1038287
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.securityfocus.com/bid/97833
http://www.securitytracker.com/id/1038287