MySQL Connectors Vulnerability in Oracle MySQL Products
CVE-2017-10203

5.3MEDIUM

Key Information:

Vendor
Oracle
Status
Mysql Connectors
Vendor
CVE Published:
19 October 2017

Summary

A vulnerability exists within the MySQL Connectors component of Oracle MySQL, specifically targeting Connector/Net versions 6.9.9 and earlier, permitting unauthenticated attackers with network access to exploit this flaw. Successful exploitation can lead to unauthorized control capabilities, resulting in potential service disruptions, known as partial denial of service (partial DOS). This vulnerability presents a significant risk, especially for environments relying on network protocols, and requires prompt attention to mitigate potential threats.

Affected Version(s)

MySQL Connectors 6.9.9 and earlier

References

https://security.netapp.com/advisory/ntap-20171019-0002/
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039597
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.3
Severity:
MEDIUM
Confidentiality:
None
Integrity:
None
Availability:
None
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.