Bugzilla – Bug 1049418
VUL-0: CVE-2017-3732: mysql: Connector/ODBC unspecified vulnerability
Last modified: 2017-07-19 22:39:02 UTC
Oracle July 2017 Patch Day. http://www.oracle.com/technetwork/security-advisory/cpujul2017-3236622.html#AppendixMSQL http://www.oracle.com/technetwork/security-advisory/cpujul2017verbose-3236625.html#MSQL Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/ODBC (OpenSSL)). Supported versions that are affected are 5.3.7 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Connectors accessible data. CVSS v3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).