Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent:
Server: Security: Privileges). Supported versions that are affected are
8.0.12 and prior. Easily exploitable vulnerability allows low privileged
attacker with network access via multiple protocols to compromise MySQL
Server. Successful attacks of this vulnerability can result in unauthorized
update, insert or delete access to some of MySQL Server accessible data.
CVSS 3.0 Base Score 4.3 (Integrity impacts). CVSS Vector:
(CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).
Author | Note |
---|---|
mdeslaur | 8.0.x only |
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
launchpad.net/bugs/cve/CVE-2018-3286
nvd.nist.gov/vuln/detail/CVE-2018-3286
security-tracker.debian.org/tracker/CVE-2018-3286
www.cve.org/CVERecord?id=CVE-2018-3286
www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL