Уязвимость CVE-2018-2813: Информация

Описание

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: DDL). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Easily exploitable vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 4.3 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N).

Важность: MEDIUM (4,3) Вектор: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-2813
Опубликовано: 19 апреля 2018 г.
Изменено: 29 августа 2022 г.

Исправленные пакеты

Имя пакета
Ветка
Исправлено в версии
Версия в репозитории
Errata ID
№ Задания
Состояние
MySQLsisyphus5.7.22-alt1.S18.0.37-alt1.1ALT-PU-2018-1993-1209726Исправлено
MySQLp105.7.22-alt1.S18.0.36-alt1ALT-PU-2018-1993-1209726Исправлено
MySQLp95.7.22-alt1.S18.0.26-alt2ALT-PU-2018-1993-1209726Исправлено
MySQLp85.7.22-alt1.M80P.15.7.28-alt1ALT-PU-2018-2028-1209806Исправлено
MySQLc10f15.7.22-alt1.S18.0.37-alt1ALT-PU-2018-1993-1209726Исправлено
MySQLc9f25.7.22-alt1.S18.0.36-alt0.c9.1ALT-PU-2018-1993-1209726Исправлено
MySQLc75.7.24-alt0.M70C.15.7.24-alt0.M70C.1ALT-PU-2019-2206-1231498Исправлено
MySQLp115.7.22-alt1.S18.0.37-alt1.1ALT-PU-2018-1993-1209726Исправлено
mariadbsisyphus10.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp1010.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbp910.2.15-alt1.S110.4.34-alt0.M90P.1ALT-PU-2018-1842-1206655Исправлено
mariadbp810.1.33-alt1.M80P.110.1.48-alt1ALT-PU-2018-1853-1206813Исправлено
mariadbc10f110.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc9f210.2.15-alt1.S110.6.18-alt1ALT-PU-2018-1842-1206655Исправлено
mariadbc710.3.14-alt0.M70C.110.3.14-alt0.M70C.1ALT-PU-2019-1992-1231405Исправлено
mariadbp1110.2.15-alt1.S110.11.8-alt1ALT-PU-2018-1842-1206655Исправлено

Ссылки на рекомендации, решения и инструменты

Ссылка
Ресурс
http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html
  • Patch
  • Vendor Advisory
1040698
  • Broken Link
  • Third Party Advisory
  • VDB Entry
103830
  • Third Party Advisory
  • VDB Entry
https://security.netapp.com/advisory/ntap-20180419-0002/
  • Third Party Advisory
[debian-lts-announce] 20180419 [SECURITY] [DLA 1355-1] mysql-5.5 security update
  • Mailing List
  • Third Party Advisory
DSA-4176
  • Third Party Advisory
USN-3629-1
  • Third Party Advisory
USN-3629-2
  • Third Party Advisory
RHSA-2018:1254
  • Third Party Advisory
USN-3629-3
  • Third Party Advisory
[debian-lts-announce] 20180629 [SECURITY] [DLA 1407-1] mariadb-10.0 security update
  • Mailing List
  • Third Party Advisory
RHSA-2018:2439
  • Third Party Advisory
RHSA-2018:2729
  • Third Party Advisory
DSA-4341
  • Third Party Advisory
RHSA-2018:3655
  • Third Party Advisory
RHSA-2019:1258
  • Third Party Advisory
GLSA-201908-24
  • Third Party Advisory

    1. Конфигурация 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.21
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.39
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End including
      5.5.59

      Конфигурация 2

      cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

      Конфигурация 3

      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:esm:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*

      Конфигурация 4

      cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*
      cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
      cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*

      Конфигурация 5

      cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*
      Start including
      7.3
      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*
      Start including
      9.4

      Конфигурация 6

      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.0.0
      End excliding
      10.0.35
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.1.0
      End excliding
      10.1.33
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      10.2.0
      End excliding
      10.2.15
      cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
      Start including
      5.5.0
      End excliding
      5.5.60
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Версия: v24.5.3
Наверх