4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:S/C:P/I:N/A:N
Oracle MySQL is vulnerable to improper access control. A local authenticated user could exploit the vulnerable Error Handling
component to obtain unauthorized access to critical data or complete access to all MySQL Server accessible data.
www.debian.org/security/2017/dsa-3767
www.debian.org/security/2017/dsa-3770
www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL
www.securityfocus.com/bid/95588
www.securitytracker.com/id/1037640
access.redhat.com/errata/RHSA-2017:2192
access.redhat.com/errata/RHSA-2017:2787
access.redhat.com/errata/RHSA-2017:2886
access.redhat.com/errata/RHSA-2018:0279
access.redhat.com/errata/RHSA-2018:0574
access.redhat.com/security/updates/classification/#important
bugzilla.redhat.com/show_bug.cgi?id=1477575
bugzilla.redhat.com/show_bug.cgi?id=1482122
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-35.html
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-36.html
dev.mysql.com/doc/relnotes/mysql/5.6/en/news-5-6-37.html
security.gentoo.org/glsa/201702-17
security.gentoo.org/glsa/201702-18
4 Medium
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
HIGH
User Interaction
REQUIRED
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
NONE
Availability Impact
NONE
CVSS:3.1/AV:L/AC:H/PR:H/UI:R/S:U/C:H/I:N/A:N
1 Low
CVSS2
Access Vector
LOCAL
Access Complexity
HIGH
Authentication
SINGLE
Confidentiality Impact
PARTIAL
Integrity Impact
NONE
Availability Impact
NONE
AV:L/AC:H/Au:S/C:P/I:N/A:N