Search for vulnerabilities
Vulnerability details: VCID-cyb6-wna4-aaas
Vulnerability ID VCID-cyb6-wna4-aaas
Aliases CVE-2017-3319
Summary Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: X Plugin). Supported versions that are affected are 5.7.16 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS v3.0 Base Score 3.1 (Confidentiality impacts).
Status Published
Exploitability 0.5
Weighted Severity 6.2
Risk 3.1
Affected and Fixed Packages Package Details
Weaknesses (1)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
System Score Found at
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-3319.html
cvssv3 3.1 https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3319.json
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00122 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00139 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00259 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00589 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
epss 0.00654 https://api.first.org/data/v1/epss?cve=CVE-2017-3319
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=1414358
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3319
cvssv2 2.1 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
cvssv2 3.5 https://nvd.nist.gov/vuln/detail/CVE-2017-3319
cvssv3 3.1 https://nvd.nist.gov/vuln/detail/CVE-2017-3319
generic_textual Medium https://ubuntu.com/security/notices/USN-3174-1
generic_textual Medium http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
Reference id Reference type URL
http://people.canonical.com/~ubuntu-security/cve/2017/CVE-2017-3319.html
https://access.redhat.com/errata/RHSA-2017:2886
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3319.json
https://api.first.org/data/v1/epss?cve=CVE-2017-3319
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3319
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://security.gentoo.org/glsa/201702-17
https://ubuntu.com/security/notices/USN-3174-1
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixMSQL
http://www.securityfocus.com/bid/95479
http://www.securitytracker.com/id/1037640
1414358 https://bugzilla.redhat.com/show_bug.cgi?id=1414358
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
CVE-2017-3319 https://nvd.nist.gov/vuln/detail/CVE-2017-3319
USN-3174-1 https://usn.ubuntu.com/3174-1/
No exploits are available.
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2017-3319.json
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: AV:N/AC:H/Au:S/C:P/I:N/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-3319
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2017-3319
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.47513
EPSS Score 0.00122
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.