← Back

CVE-2017-3319

nvd nist
Published: Jan 27, 2017Modified: May 13, 2026

JSON object

Loading...
3.1
Vector
CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
Exploitability: 1.6 / Impact: 1.4
Source: NVD

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).

Affected (1)

Products: Oracle: Mysql
Oracle
1 product
Mysql
Configuration A
1 vulnerable
Vulnerable SoftwareAffected Versions
Mysql
Up to 5.7.16

Related CWEs

CWE-200
Exposure of Sensitive Information to an Unauthorized Actor
The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

References (10)

Source: secalert_us@oracle.com
PatchVendor Advisory
Source: secalert_us@oracle.com
Third Party AdvisoryVDB Entry
Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: secalert_us@oracle.com
Source: af854a3a-2127-422b-91ae-364da2661108
PatchVendor Advisory
Source: af854a3a-2127-422b-91ae-364da2661108
Third Party AdvisoryVDB Entry
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108
Source: af854a3a-2127-422b-91ae-364da2661108

Timeline

No history available yet.