CVE-2018-2761Oracle Mysql vulnerability

12 documents7 sources
Severity
5.9MEDIUMNVD
EPSS
0.3%
top 49.81%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
13
MariadbOracle MysqlOracle Corporation Mysql Server+10 more
Timeline
PublishedApr 19
Latest updateMay 14

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Sc

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:HExploitability: 2.2 | Impact: 3.6

Affected Packages9 packages

CVEListV5oracle_corporation/mysql_server5.5.59 and prior, 5.6.39 and prior, 5.7.21 and prior+2
NVDoracle/mysql5.5.05.5.59+2
NVDmariadb/mariadb5.5.05.5.60+3
Alpinemariadb/mariadb< 10.2.15-r0+17

Also affects: Debian Linux 7.0, 8.0, 9.0, Ubuntu Linux 12.04, 14.04, 16.04, 17.10, 18.04, Enterprise Linux 7.5, 7.6, 7.7

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

3
GHSA
GHSA-3639-c3mm-hf33: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs)2022-05-14
OSV
CVE-2018-2761: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs)2018-04-19
CVEList
CVE-2018-2761: Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client programs)2018-04-19

📋Vendor Advisories

4
Ubuntu
MySQL vulnerabilities2018-04-30
Ubuntu
MySQL vulnerabilities2018-04-25
Ubuntu
MySQL vulnerabilities2018-04-23
Red Hat
mysql: Client programs unspecified vulnerability (CPU Apr 2018)2018-04-17

💬Community

4
Bugzilla
CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 mariadb: various f2018-04-18
Bugzilla
CVE-2018-2761 mysql: Client programs unspecified vulnerability (CPU Apr 2018)2018-04-18
Bugzilla
CVE-2018-2755 CVE-2018-2761 CVE-2018-2766 CVE-2018-2771 CVE-2018-2773 CVE-2018-2781 CVE-2018-2782 CVE-2018-2784 CVE-2018-2787 CVE-2018-2813 CVE-2018-2817 CVE-2018-2818 CVE-2018-2819 mariadb: various f2018-04-18
Bugzilla
CVE-2018-2755 CVE-2018-2758 CVE-2018-2759 CVE-2018-2761 CVE-2018-2762 CVE-2018-2766 CVE-2018-2769 CVE-2018-2771 CVE-2018-2773 CVE-2018-2775 CVE-2018-2776 CVE-2018-2777 CVE-2018-2778 CVE-2018-2779 ... 2018-04-18
CVE-2018-2761 — Oracle Mysql vulnerability | cvebase