Vulnerability in MySQL Connectors by Oracle affecting multiple versions
CVE-2017-3589

3.3LOW

Key Information:

Vendor

Oracle
Status
Mysql Connectors
Vendor
CVE Published:
24 April 2017

What is CVE-2017-3589?

The vulnerability in Oracle's MySQL Connectors component (specifically Connector/J) poses a significant security risk. It affects versions 5.1.41 and earlier, allowing low-privileged attackers with access to the infrastructure where the MySQL Connectors operate to potentially compromise them. Successful exploitation of this vulnerability could enable unauthorized users to update, insert, or delete accessible data within MySQL Connectors, leading to integrity breaches and possible data loss.

Affected Version(s)

MySQL Connectors 5.1.41 and earlier

References

http://www.securityfocus.com/bid/97836
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1038287
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2017-3589 : Vulnerability in MySQL Connectors by Oracle affecting multiple versions