Vulnerability CVE-2018-3276: Information

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.41 and prior, 5.7.23 and prior and 8.0.12 and prior. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).

Severity: MEDIUM (4.9) Vector: CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H

URL: https://nvd.nist.gov/vuln/detail/CVE-2018-3276
Published: Oct. 17, 2018
Modified: Oct. 3, 2019

Fixed packages

Package name
Branch
Fixed in version
Version from repository
Errata ID
Task #
State
MySQLsisyphus5.7.24-alt18.0.37-alt1.1ALT-PU-2018-2668-1216678Fixed
MySQLp105.7.24-alt18.0.36-alt1ALT-PU-2018-2668-1216678Fixed
MySQLp95.7.24-alt18.0.26-alt2ALT-PU-2018-2668-1216678Fixed
MySQLp85.7.24-alt15.7.28-alt1ALT-PU-2018-2828-1216685Fixed
MySQLc10f15.7.24-alt18.0.37-alt1ALT-PU-2018-2668-1216678Fixed
MySQLc9f25.7.24-alt18.0.36-alt0.c9.1ALT-PU-2018-2668-1216678Fixed
MySQLp115.7.24-alt18.0.37-alt1.1ALT-PU-2018-2668-1216678Fixed

References to Advisories, Solutions, and Tools

Hyperlink
Resource
http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
  • Patch
  • Vendor Advisory
1041888
  • Third Party Advisory
  • VDB Entry
105600
  • Third Party Advisory
  • VDB Entry
https://security.netapp.com/advisory/ntap-20181018-0002/
  • Third Party Advisory
USN-3799-1
  • Third Party Advisory
RHSA-2018:3655
  • Third Party Advisory

    1. Configuration 1

      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.7.0
      End including
      5.7.23
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      8.0.0
      End including
      8.0.12
      cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
      Start including
      5.6.0
      End including
      5.6.41

      Configuration 2

      cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:storage_automation_store:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vmware_vsphere:*:*
      Start including
      9.4
      cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*

      Configuration 3

      cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:*:*:*
      Running on/with:
      cpe:2.3:o:microsoft:windows:-:*:*:*:*:*:*:*

      Configuration 4

      cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*
      cpe:2.3:o:canonical:ubuntu_linux:18.10:*:*:*:*:*:*:*
VKontakte|Telegram|YouTube|Forum|GitHub|Bugzilla
Version: v24.5.3
Back to top