CVE-2017-3469

EUVD-2017-12590
Vulnerability in the MySQL Workbench component of Oracle MySQL (subcomponent: Workbench: Security : Encryption). Supported versions that are affected are 6.3.8 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Workbench. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Workbench accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
3.7 LOW
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 54%
Affected Products (NVD)
VendorProductVersion
oraclemysql_workbench
𝑥
≤ 6.3.8
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
mysql-workbench
jessie
no-dsa
sid
8.0.32+dfsg-2
fixed
stretch
no-dsa
wheezy
no-dsa
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mysql-workbench
artful
ignored
bionic
needed
cosmic
not-affected
disco
dne
eoan
not-affected
focal
dne
groovy
dne
hirsute
dne
impish
not-affected
kinetic
dne
lunar
dne
mantic
dne
noble
dne
precise
ignored
trusty
dne
xenial
needed
yakkety
ignored
zesty
ignored
References
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.securityfocus.com/bid/97833
http://www.securitytracker.com/id/1038287
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
http://www.securityfocus.com/bid/97833
http://www.securitytracker.com/id/1038287