Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Options). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data as well as unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.3 (Confidentiality and Integrity impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:L/I:L/A:N).
References
Link | Resource |
---|---|
http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html | Patch Vendor Advisory |
http://www.securityfocus.com/bid/104766 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1041294 | Broken Link Third Party Advisory VDB Entry |
https://access.redhat.com/errata/RHSA-2018:3655 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:1258 | Third Party Advisory |
https://access.redhat.com/errata/RHSA-2019:2327 | Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2018/08/msg00036.html | Mailing List Third Party Advisory |
https://lists.debian.org/debian-lts-announce/2018/11/msg00004.html | Mailing List Third Party Advisory |
https://security.netapp.com/advisory/ntap-20180726-0002/ | Third Party Advisory |
https://usn.ubuntu.com/3725-1/ | Third Party Advisory |
https://usn.ubuntu.com/3725-2/ | Third Party Advisory |
https://www.debian.org/security/2018/dsa-4341 | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
Configuration 6 (hide)
|
History
29 Aug 2022, 20:52
Type | Values Removed | Values Added |
---|---|---|
First Time |
Redhat enterprise Linux Workstation
Mariadb Redhat Mariadb mariadb Redhat enterprise Linux Server Redhat enterprise Linux Desktop |
|
References | (SECTRACK) http://www.securitytracker.com/id/1041294 - Broken Link, Third Party Advisory, VDB Entry | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:2327 - Third Party Advisory | |
References | (REDHAT) https://access.redhat.com/errata/RHSA-2019:1258 - Third Party Advisory | |
CPE | cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:* cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:* |
Information
Published : 2018-07-18 13:29
Updated : 2023-12-10 12:44
NVD link : CVE-2018-3066
Mitre link : CVE-2018-3066
CVE.ORG link : CVE-2018-3066
JSON object : View
Products Affected
mariadb
- mariadb
redhat
- enterprise_linux_workstation
- enterprise_linux_server
- enterprise_linux_desktop
netapp
- snapcenter
- oncommand_workflow_automation
- storage_automation_store
- oncommand_insight
oracle
- mysql
canonical
- ubuntu_linux
debian
- debian_linux
CWE