MySQL Connectors Vulnerability in Oracle MySQL
CVE-2018-3258

8.8HIGH

Key Information:

Vendor
Oracle
Status
Mysql Connectors
Vendor
CVE Published:
17 October 2018

Summary

An exploitable vulnerability exists in the MySQL Connectors component of Oracle MySQL, specifically affecting versions 8.0.12 and earlier. This flaw could allow a low-privileged attacker with network access, using various protocols, to compromise MySQL Connectors, leading to unauthorized access or control over affected instances. Successful exploitation may have severe implications on the confidentiality, integrity, and availability of the MySQL environment, highlighting a significant risk for users relying on these connectors.

Affected Version(s)

MySQL Connectors 8.0.12 and prior

References

http://www.securitytracker.com/id/1041888
vdb-entryx_refsource_SECTRACK
http://www.securityfocus.com/bid/105589
vdb-entryx_refsource_BID
http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM

CVSS V3.1

Score:
8.8
Severity:
HIGH
Confidentiality:
High
Integrity:
High
Availability:
High
Attack Vector:
Network
Attack Complexity:
Low
Privileges Required:
Low
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.