CVE-2017-3323

CVSS v3 3.7 LOW
CVSS v2.0 4.3 MEDIUM

3.7^/10

CVSS v3 : LOW

V3 Legend

Vector : AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L

Exploitability : 2.2 / Impact : 1.4

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:M/Au:N/C:N/I:N/A:P

Exploitability : 8.6 / Impact : 2.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

ulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: General). Supported versions that are affected are 7.2.25 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS v3.0 Base Score 3.7 (Availability impacts).

References

Link	Resource
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/95575
http://www.securitytracker.com/id/1037640
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/95575
http://www.securitytracker.com/id/1037640

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql_cluster::::::::
	cpe:2.3:a:oracle:mysql_cluster::::::::
	cpe:2.3:a:oracle:mysql_cluster::::::::

History

21 Nov 2024, 03:25

Type	Values Removed	Values Added
References	~~() http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html - Patch, Vendor Advisory~~	() http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html - Patch, Vendor Advisory
References	~~() http://www.securityfocus.com/bid/95575 -~~	() http://www.securityfocus.com/bid/95575 -
References	~~() http://www.securitytracker.com/id/1037640 -~~	() http://www.securitytracker.com/id/1037640 -

Information

Published : 2017-01-27 22:59

Updated : 2025-04-20 01:37

NVD link : CVE-2017-3323

Mitre link : CVE-2017-3323

CVE.ORG link : CVE-2017-3323

JSON object : View

Products Affected

oracle

mysql_cluster

CWE

CWE-20

Improper Input Validation

3.7 /10

Attack Vector NETWORK

Attack Complexity HIGH

Privileges Required NONE

User Interaction NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact LOW

Scope UNCHANGED

4.3 /10

Access Vector NETWORK

Access Complexity MEDIUM

Authentication NONE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

JSON object

Attach tags to CVE-2017-3323

3.7^/10

4.3^/10

Attach tags to `CVE-2017-3323`