Veracode Vulnerability DatabaseVERACODE:18789Privilege Escalation
0.001 Low
EPSS
Percentile
41.7%
MySQL is vulnerable privilege escalation vulnerability. A low privileged attacker with network access via multiple protocols could compromise MySQL Server resulting in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data.
| CPE | Name | Operator | Version |
|---|---|---|---|
| rh-mysql57-mysql | eq | 5.7.16__1.el7 | |
| rh-mysql57-mysql | eq | 5.7.16__1.el6 |
References
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
www.securityfocus.com/bid/97820
www.securitytracker.com/id/1038287
access.redhat.com/errata/RHSA-2017:2886
access.redhat.com/security/updates/classification/#important
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-17.html
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-18.html
dev.mysql.com/doc/relnotes/mysql/5.7/en/news-5-7-19.html
Related
