4.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.6%
Vulnerability in the MySQL Server product of Oracle MySQL (component:
Client: mysqldump). Supported versions that are affected are 8.0.36 and
prior and 8.3.0 and prior. Difficult to exploit vulnerability allows
unauthenticated attacker with logon to the infrastructure where MySQL
Server executes to compromise MySQL Server. Successful attacks of this
vulnerability can result in unauthorized update, insert or delete access to
some of MySQL Server accessible data as well as unauthorized read access to
a subset of MySQL Server accessible data and unauthorized ability to cause
a partial denial of service (partial DOS) of MySQL Server. CVSS 3.1 Base
Score 4.9 (Confidentiality, Integrity and Availability impacts). CVSS
Vector: (CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L).
Author | Note |
---|---|
iconstantin | since mysql versions 5.7 and earlier are no longer supported upstream, we are unable to update them to address security issues, marking as ignored. mariadb 5.5, 10.0, 10.1, and 10.3 are end of life and no longer supported upstream - marking as ignored. |
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 23.10 | noarch | mariadb | < any | UNKNOWN |
ubuntu | 24.04 | noarch | mariadb | < any | UNKNOWN |
ubuntu | 16.04 | noarch | mariadb-10.0 | < any | UNKNOWN |
ubuntu | 18.04 | noarch | mariadb-10.1 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | mariadb-10.6 | < any | UNKNOWN |
ubuntu | 18.04 | noarch | mysql-5.7 | < any | UNKNOWN |
ubuntu | 20.04 | noarch | mysql-8.0 | < any | UNKNOWN |
ubuntu | 22.04 | noarch | mysql-8.0 | < any | UNKNOWN |
ubuntu | 23.10 | noarch | mysql-8.0 | < any | UNKNOWN |
ubuntu | 24.04 | noarch | mysql-8.0 | < any | UNKNOWN |
4.9 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
LOW
Integrity Impact
LOW
Availability Impact
LOW
CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:L
5 Medium
AI Score
Confidence
High
0.0004 Low
EPSS
Percentile
12.6%