2 matches found
CVE-2017-3304
CVE-2017-3304 concerns the MySQL Cluster DD subcomponent in Oracle MySQL. The vulnerability affects listed 7.2.x/7.3.x/7.4.x/7.5.x releases (7.2.27, 7.3.16, 7.4.14, 7.5.5 and earlier). An attacker with low privileges who can access the service over a network and using multiple protocols can poten...
MySQL Cluster 7.2.x < 7.2.28 DD Subcomponent Arbitrary Data Manipulation (April 2017 CPU)
The version of MySQL Cluster running on the remote host is 7.2.x prior to 7.2.28. It is, therefore, affected by an arbitrary data manipulation vulnerability in the DD subcomponent due to an unspecified flaw. An authenticated, remote attacker can exploit this to update, insert, or delete arbitrary...