CVE Vulnerabilities

CVE-2018-2767

Published: Jul 18, 2018 | Modified: Sep 21, 2022
CVSS 3.x
3.1
LOW
Source:
NVD
CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N
CVSS 2.x
3.5 LOW
AV:N/AC:M/Au:S/C:P/I:N/A:N
RedHat/V2
RedHat/V3
3.1 LOW
CVSS:3.0/AV:N/AC:H/PR:N/UI:R/S:U/C:N/I:L/A:N
Ubuntu
MEDIUM

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Security: Encryption). Supported versions that are affected are 5.5.60 and prior, 5.6.40 and prior and 5.7.22 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized read access to a subset of MySQL Server accessible data. CVSS 3.0 Base Score 3.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:L/I:N/A:N).

Affected Software

Name Vendor Start Version End Version
Mysql Oracle 5.5.0 (including) 5.5.60 (including)
Mysql Oracle 5.6.0 (including) 5.6.40 (including)
Mysql Oracle 5.7.0 (including) 5.7.22 (including)
Mariadb-10.0 Ubuntu upstream *
Mariadb-10.1 Ubuntu artful *
Mariadb-10.1 Ubuntu upstream *
Mariadb-5.5 Ubuntu upstream *
Mysql-5.5 Ubuntu trusty *
Mysql-5.5 Ubuntu upstream *
Mysql-5.6 Ubuntu trusty *
Mysql-5.6 Ubuntu upstream *
Mysql-5.7 Ubuntu artful *
Mysql-5.7 Ubuntu bionic *
Mysql-5.7 Ubuntu cosmic *
Mysql-5.7 Ubuntu disco *
Mysql-5.7 Ubuntu upstream *
Mysql-5.7 Ubuntu xenial *
Percona-server-5.6 Ubuntu artful *
Percona-server-5.6 Ubuntu esm-apps/xenial *
Percona-server-5.6 Ubuntu xenial *
Percona-xtradb-cluster-5.5 Ubuntu trusty *
Percona-xtradb-cluster-5.6 Ubuntu artful *
Percona-xtradb-cluster-5.6 Ubuntu esm-apps/xenial *
Percona-xtradb-cluster-5.6 Ubuntu xenial *
Red Hat Enterprise Linux 7 RedHat mariadb-1:5.5.60-1.el7_5 *

References