Уязвимость CVE-2018-2612: Информация

Описание

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: InnoDB). Supported versions that are affected are 5.6.38 and prior and 5.7.20 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Server accessible data and unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 6.5 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H).

Важность: MEDIUM (6,5) Вектор: CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:H/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-2612
Опубликовано: 18 января 2018 г.
Изменено: 1 июля 2022 г.

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
mariadbsisyphus10.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp1010.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp910.2.15-alt1.S110.4.34-alt0.M90P.1ALT-PU-2018-1842-1206655Исправлено
mariadbp810.1.33-alt1.M80P.110.1.48-alt1ALT-PU-2018-1853-1206813Исправлено
mariadbc10f110.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc9f210.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc710.3.14-alt0.M70C.110.3.14-alt0.M70C.1ALT-PU-2019-1992-1231405Исправлено
mariadbp1110.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
  • Patch
  • Vendor Advisory
https://security.netapp.com/advisory/ntap-20180117-0002/
  • Third Party Advisory
1040216
  • Broken Link
  • Third Party Advisory
  • VDB Entry
102709
  • Third Party Advisory
  • VDB Entry
USN-3537-1
  • Third Party Advisory
RHSA-2018:0587
  • Third Party Advisory
RHSA-2018:0586
  • Third Party Advisory
[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
  • Mailing List
  • Third Party Advisory
DSA-4341
  • Third Party Advisory
RHSA-2019:1258
  • Third Party Advisory

    1. Конфигурация 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.20
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.38

      Конфигурация 2

      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.2.0
      End excliding
      10.2.13
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.1.0
      End excliding
      10.1.31
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.0.0
      End excliding
      10.0.34

      Конфигурация 3

      cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*
      Start including
      7.3
      cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
      Start including
      9.5

      Конфигурация 4

      cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:esm:*:*:*

      Конфигурация 5

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх