NVD

Id
84607  
Name
CVE-2017-3599  
Description
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Pluggable Auth). Supported versions that are affected are 5.6.35 and earlier and 5.7.17 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 7.5 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H). NOTE: the previous information is from the April 2017 CPU. Oracle has not commented on third-party claims that this issue is an integer overflow in sql/auth/sql_authentication.cc which allows remote attackers to cause a denial of service via a crafted authentication packet.  
Reject
 
CVSS Version
2  
CVSS Score
7.8  
Severity
High  
CVSS Base Score
7.8  
CVSS Impact Subscore
6.9  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:N/I:N/A:C)  
Pub Date
2017-07-18  
Published
2017-04-24  
Modified Date
2017-07-10  
Seq
2017-3599  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
417153 84607 CVE-2017-2379 97137  View
417154 84607 CVE-2017-2379 https://support.apple.com/HT207601  View
417155 84607 CVE-2017-2379 https://support.apple.com/HT207602  View
417156 84607 CVE-2017-2379 https://support.apple.com/HT207615  View
417157 84607 CVE-2017-2379 https://support.apple.com/HT207617  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
67266 JVNDB-2017-003578 Oracle MySQL の MySQL Server における Server:Pluggable Auth に関する脆弱性 Oracle MySQL の MySQL Server には、Server:Pluggable Auth に関する処理に不備があるため、可用性に影響のある脆弱性が存在します。 CVE-2017-3599 0 CVE-2017-3599 84607 7.8 7.5 http://jvndb.jvn.jp/ja/contents/2017/JVNDB-2017-003578.html 2017-04-18 2017-05-30 View