7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.3 Medium
AI Score
Confidence
Low
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
52.4%
software: mariadb 10.5.20
OS: ROSA-CHROME
package_evr_string: mariadb-10.5.20-1.src.rpm
CVE-ID: CVE-2018-2813
BDU-ID: 2019-03456
CVE-Crit: MEDIUM
CVE-DESC.: A vulnerability in the Server: DDL component of the MySQL Server database management system is related to a lack of service data protection. Exploitation of the vulnerability could allow an attacker acting remotely to gain read access to the data
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-2817
BDU-ID: 2019-03457
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: DDL component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker, acting remotely, to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-2819
BDU-ID: 2019-03458
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to incorrect resource release. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3058
BDU-ID: 2020-00682
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the MyISAM component of the Oracle MySQL database management system is related to a flaw in the access control mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to impact data integrity
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3060
BDU-ID: 2020-04694
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to create, delete, or modify access to critical data or all data available to MySQL Server or cause a denial of service via network packets
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3063
BDU-ID: 2020-00683
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server:Security:Privileges component of the Oracle MySQL database management system is related to a flaw in the access control mechanism. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3064
BDU-ID: 2018-00966
CVE-Crit: HIGH
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to gain unauthorized access to protected data, cause a denial of service using the MySQL Protocol network protocol
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3066
BDU-ID: 2019-01627
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in an Oracle MySQL server component is related to user access control errors. Exploitation of the vulnerability allows an attacker acting remotely to gain unauthorized access to server functionality and data
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3081
BDU-ID: None
CVE-Crit: MEDIUM
CVE-DESC.: A difficult-to-exploit vulnerability allows an attacker with high privileges and network access through multiple protocols to compromise a MySQL client. Successful attacks against this vulnerability could result in an unauthorized ability to cause the MySQL client to hang or crash frequently (full DOS), as well as unauthorized update, insertion, or removal of access to some available MySQL client data.
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3133
BDU-ID: 2019-00469
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: Parser component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3143
BDU-ID: 2019-00471
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3156
BDU-ID: 2019-00473
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker acting remotely to cause the application to hang or crash using specially crafted network packets
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3162
BDU-ID: 2019-00650
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2018-3173
BDU-ID: 2019-00652
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2018-3174
BDU-ID: 2019-00619
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Client programs component of the Oracle MySQL Server database management system is related to access control weaknesses. Exploitation of the vulnerability could allow an attacker to cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3185
BDU-ID: 2019-00596
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to change file permissions or cause a denial of service
CVE-STATUS: Fixed
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3200
BDU-ID: 2019-00654
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2018-3251
BDU-ID: 2019-00590
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run command: sudo dnf update mariadb
CVE-ID: CVE-2018-3277
BDU-ID: 2019-00658
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the InnoDB component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
CVE-ID: CVE-2018-3282
BDU-ID: 2019-00662
CVE-Crit: MEDIUM.
CVE-DESC.: A vulnerability in the Server: Storage Engines component of the Oracle MySQL database management system is related to insufficient access controls. Exploitation of the vulnerability could allow an attacker acting remotely to cause a denial of service
CVE-STATUS: Resolved
CVE-REV: To close, run the command: sudo dnf update mariadb
7.1 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
NONE
Integrity Impact
LOW
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:H
6.3 Medium
AI Score
Confidence
Low
5.5 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:S/C:N/I:P/A:P
0.002 Low
EPSS
Percentile
52.4%