Vulnerability in MySQL Connectors of Oracle MySQL
CVE-2017-10277

5.4MEDIUM

Key Information:

Vendor
Oracle
Status
Mysql Connectors
Vendor
CVE Published:
19 October 2017

Summary

An unauthenticated vulnerability exists in the MySQL Connectors component of Oracle MySQL, specifically affecting Connector/Net versions 6.9.9 and earlier. This exploit allows an attacker with network access to interact with the system, necessitating human intervention separate from the attacker. Successful exploitation can lead to unauthorized updates, insertions, deletions, and reading of sensitive data within the MySQL Connectors. This vulnerability emphasizes the importance of securing database connections to prevent potential data integrity and confidentiality breaches.

Affected Version(s)

MySQL Connectors 6.9.9 and earlier

References

https://security.netapp.com/advisory/ntap-20171019-0002/
x_refsource_CONFIRM
http://www.securitytracker.com/id/1039597
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
5.4
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
Required
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.