MySQL is vulnerable privilege escalation vulnerability. A low privileged attacker with network access via multiple protocols could compromise MySQL Server resulting in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.
CPE | Name | Operator | Version |
---|---|---|---|
rh-mysql57-mysql | eq | 5.7.16__1.el7 | |
rh-mysql57-mysql | eq | 5.7.16__1.el6 |
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
www.securityfocus.com/bid/97820
www.securitytracker.com/id/1038287
access.redhat.com/errata/RHSA-2017:2886
access.redhat.com/security/updates/classification/#important
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html