What is the severity of CVE-2017-3589?

CVE-2017-3589 is considered an easily exploitable vulnerability, allowing a low privileged attacker to compromise the affected system.

How do I fix CVE-2017-3589?

To fix CVE-2017-3589, upgrade the Oracle MySQL Connector/J to a version later than 5.1.41.

Which versions of Oracle MySQL are affected by CVE-2017-3589?

Oracle MySQL Connector/J versions 5.1.41 and earlier are affected by CVE-2017-3589.

Who can exploit CVE-2017-3589?

CVE-2017-3589 can be exploited by low privileged attackers who have logon access to the infrastructure where MySQL Connectors executes.

What component does CVE-2017-3589 affect?

CVE-2017-3589 affects the MySQL Connectors component of Oracle MySQL, specifically the Connector/J subcomponent.

Vulnerability/
CVE-2017-3589

low

3.3

24/4/2017

20/2/2025

CVE-2017-3589

First published: Mon Apr 24 2017(Updated: )

An unspecified vulnerability in Oracle MySQL related to the Connectors Connector/J component could allow an authenticated attacker to cause no confidentiality impact, low integrity impact, and no availability impact.

Credit: secalert_us@oracle.com

Affected Software	Affected Version	How to fix
Oracle Connector\/j	<=5.1.41
IBM Data Virtualization on Cloud Pak for Data	<=3.0
IBM Watson Query with Cloud Pak for Data as a Service	<=2.2
IBM Watson Query with Cloud Pak for Data as a Service	<=2.1
IBM Watson Query with Cloud Pak for Data as a Service	<=2.0
IBM Data Virtualization on Cloud Pak for Data	<=1.8
IBM Data Virtualization on Cloud Pak for Data	<=1.7

Remedy

http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

Never miss a vulnerability like this again

Reference Links

Parent vulnerabilities

(Appears in the following advisories)

IBM-7183851

Frequently Asked Questions

What is the severity of CVE-2017-3589?
CVE-2017-3589 is considered an easily exploitable vulnerability, allowing a low privileged attacker to compromise the affected system.
How do I fix CVE-2017-3589?
To fix CVE-2017-3589, upgrade the Oracle MySQL Connector/J to a version later than 5.1.41.
Which versions of Oracle MySQL are affected by CVE-2017-3589?
Oracle MySQL Connector/J versions 5.1.41 and earlier are affected by CVE-2017-3589.
Who can exploit CVE-2017-3589?
CVE-2017-3589 can be exploited by low privileged attackers who have logon access to the infrastructure where MySQL Connectors executes.
What component does CVE-2017-3589 affect?
CVE-2017-3589 affects the MySQL Connectors component of Oracle MySQL, specifically the Connector/J subcomponent.

collector/nvd-index
agent/type
collector/mitre-cve
source/MITRE
agent/remedy
agent/severity
agent/author
agent/first-publish-date
agent/references
agent/last-modified-date
agent/source
agent/description
agent/event
agent/softwarecombine
agent/tags
collector/ibm-support
source/IBM
agent/software-canonical-lookup
agent/software-canonical-lookup-request
vendor/oracle
canonical/oracle connector\/j
version/oracle connector\/j/5.1.41
vendor/ibm
canonical/ibm data virtualization on cloud pak for data
version/ibm data virtualization on cloud pak for data/3.0
canonical/ibm watson query with cloud pak for data as a service
version/ibm watson query with cloud pak for data as a service/2.2
version/ibm watson query with cloud pak for data as a service/2.1
version/ibm watson query with cloud pak for data as a service/2.0
version/ibm data virtualization on cloud pak for data/1.8
version/ibm data virtualization on cloud pak for data/1.7