Vulnerabilities > CVE-2018-3123 - Unspecified vulnerability in Oracle Mysql
Attack vector
NETWORK Attack complexity
MEDIUM Privileges required
NONE Confidentiality impact
PARTIAL Integrity impact
NONE Availability impact
NONE Summary
Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: libmysqld). Supported versions that are affected are 5.6.42 and prior, 5.7.24 and prior and 8.0.13 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 5.9 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:H/I:N/A:N).
Vulnerable Configurations
Nessus
NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-2_0-0152_MYSQL.NASL description An update of the mysql package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 126216 published 2019-06-25 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/126216 title Photon OS 2.0: Mysql PHSA-2019-2.0-0152 NASL family Databases NASL id MYSQL_5_6_43.NASL description The version of MySQL running on the remote host is 5.6.x prior to 5.6.43. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the last seen 2020-06-01 modified 2020-06-02 plugin id 121227 published 2019-01-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121227 title MySQL 5.6.x < 5.6.43 Multiple Vulnerabilities (Jan 2019 CPU) NASL family Databases NASL id MYSQL_8_0_14.NASL description The version of MySQL running on the remote host is 8.0.x prior to 8.0.14. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the last seen 2020-06-01 modified 2020-06-02 plugin id 121229 published 2019-01-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121229 title MySQL 8.0.x < 8.0.14 Multiple Vulnerabilities (Jan 2019 CPU) NASL family Databases NASL id MYSQL_5_7_25.NASL description The version of MySQL running on the remote host is 5.7.x prior to 5.7.25. It is, therefore, affected by multiple vulnerabilities, including three of the top vulnerabilities below, as noted in the January 2019 Critical Patch Update advisory: - An unspecified vulnerability in MySQL in the last seen 2020-06-01 modified 2020-06-02 plugin id 121228 published 2019-01-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/121228 title MySQL 5.7.x < 5.7.25 Multiple Vulnerabilities (Jan 2019 CPU)