K51473743 : MySQL Server C API vulnerability CVE-2017-3650

2017-12-2900:00:00

my.f5.com

3.4 Low

AI Score

Confidence

High

0.002 Low

EPSS

Percentile

56.6%

JSON

Security Advisory Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: C API). Supported versions that are affected are 5.7.18 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.7 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N). (CVE-2017-3650)

Impact

There is no impact; F5 products are not affected by this vulnerability.

CPENameOperatorVersion
big-ip afmeq11.5.1
big-ip afmeq11.5.2
big-ip afmeq11.5.3
big-ip afmeq11.5.4
big-ip afmeq11.5.5
big-ip afmeq11.6.1
big-ip afmeq11.6.2
big-ip afmeq12.0.0
big-ip afmeq12.1.0
big-ip afmeq12.1.1

Name	Operator	Version
big-ip afm	eq	11.5.1
big-ip afm	eq	11.5.2
big-ip afm	eq	11.5.3
big-ip afm	eq	11.5.4
big-ip afm	eq	11.5.5
big-ip afm	eq	11.6.1
big-ip afm	eq	11.6.2
big-ip afm	eq	12.0.0
big-ip afm	eq	12.1.0
big-ip afm	eq	12.1.1