CVE-2017-3304
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
0Exploited in Wild
-Decision
Descriptions
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: DD). Supported versions that are affected are 7.2.27 and earlier, 7.3.16 and earlier, 7.4.14 and earlier and 7.5.5 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS 3.0 Base Score 5.4 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).
Vulnerabilidad en el componente MySQL Cluster de Oracle MySQL (subcomponente: Cluster: DD). Las versiones compatibles que son afectadas son 7.2.27 y versiones anteriores, 7.3.16 y versiones anteriores, 7.4.14 y versiones anteriores y 7.5.5 y versiones anteriores. La vulnerabilidad fácilmente "explotable" permite a un atacante poco privilegiados con acceso a la red comprometer MySQL Cluster a través de multiples protocolos. Los ataques exitosos de esta vulnerabilidad pueden resultar en una actualización no autorizada, insetar o eliminar el acceso a algunos de los datos accesibles de MySQL Cluster y la capacidad no autorizada para causar una denegación parcial de servicio (DOS parcial) de MySQL Cluster.CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:L).
CVSS Scores
SSVC
- Decision:Track
Timeline
- 2016-12-06 CVE Reserved
- 2017-04-24 CVE Published
- 2023-03-08 EPSS Updated
- 2024-10-07 CVE Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
CAPEC
References (3)
URL | Tag | Source |
---|---|---|
http://www.securityfocus.com/bid/97815 | Third Party Advisory | |
http://www.securitytracker.com/id/1038287 | Vdb Entry |
URL | Date | SRC |
---|
URL | Date | SRC |
---|---|---|
http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html | 2019-10-03 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Oracle Search vendor "Oracle" | Mysql Cluster Search vendor "Oracle" for product "Mysql Cluster" | <= 7.2.27 Search vendor "Oracle" for product "Mysql Cluster" and version " <= 7.2.27" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Mysql Cluster Search vendor "Oracle" for product "Mysql Cluster" | <= 7.3.16 Search vendor "Oracle" for product "Mysql Cluster" and version " <= 7.3.16" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Mysql Cluster Search vendor "Oracle" for product "Mysql Cluster" | <= 7.4.14 Search vendor "Oracle" for product "Mysql Cluster" and version " <= 7.4.14" | - |
Affected
| ||||||
Oracle Search vendor "Oracle" | Mysql Cluster Search vendor "Oracle" for product "Mysql Cluster" | <= 7.5.5 Search vendor "Oracle" for product "Mysql Cluster" and version " <= 7.5.5" | - |
Affected
|