CVE-2018-3067

EUVD-2018-14922

18.07.2018, 13:29

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 8.0.11 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.9 MEDIUM	NETWORK	LOW	HIGH	CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 51%

Affected Products (NVD)

Vendor	Product	Version
oracle	mysql	8.0.0 ≤ 𝑥 ≤ 8.0.11
netapp	oncommand_insight	-
netapp	oncommand_workflow_automation	-
netapp	snapcenter	-
netapp	storage_automation_store	-

𝑥

= Vulnerable software versions

References

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.securityfocus.com/bid/104772

http://www.securitytracker.com/id/1041294

https://security.netapp.com/advisory/ntap-20180726-0002/

http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

http://www.securityfocus.com/bid/104772

http://www.securitytracker.com/id/1041294

https://security.netapp.com/advisory/ntap-20180726-0002/