MySQL Connector/Python Vulnerability in Oracle MySQL
CVE-2017-3590

3.3LOW

Key Information:

Vendor

Oracle
Status
Mysql Connectors
Vendor
CVE Published:
24 April 2017

What is CVE-2017-3590?

A flaw in the MySQL Connectors component of Oracle MySQL allows a low privileged attacker with logon access to the affected environment to manipulate data. The vulnerability presents an opportunity for unauthorized operations, including updates, inserts, or deletions of data accessible to MySQL Connectors. This presents a significant risk for organizations using these components, necessitating immediate attention to security measures and updates.

Affected Version(s)

MySQL Connectors 2.1.5 and earlier

References

http://www.securitytracker.com/id/1038287
vdb-entryx_refsource_SECTRACK
http://www.oracle.com/technetwork/security-advisory/cpuap...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/97840
vdb-entryx_refsource_BID

CVSS V3.1

Score:
3.3
Severity:
LOW
Confidentiality:
None
Integrity:
Low
Availability:
None
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.
CVE-2017-3590 : MySQL Connector/Python Vulnerability in Oracle MySQL