What is CVE-2018-3144?

CVE-2018-3144 is a vulnerability in the MySQL Server component of Oracle MySQL that allows an unauthenticated attacker with network access to compromise the availability, integrity, and confidentiality of the affected system.

Which versions of Oracle MySQL are affected by CVE-2018-3144?

The affected versions are 5.7.23 and prior, and 8.0.12 and prior.

How severe is CVE-2018-3144?

CVE-2018-3144 has a severity rating of medium, with a CVSS score of 5.9.

How can an attacker exploit CVE-2018-3144?

An unauthenticated attacker with network access can exploit the vulnerability via multiple protocols to compromise the affected system.

Where can I find more information about CVE-2018-3144?

You can find more information about CVE-2018-3144 in the Oracle Security Advisory and various security websites.

Vulnerability/
CVE-2018-3144

medium

5.9

17/10/2018

21/11/2024

CVE-2018-3144

First published: Wed Oct 17 2018(Updated: )

Last updated 24 July 2024

Credit: secalert_us@oracle.com secalert_us@oracle.com

Affected Software	Affected Version	How to fix
debian/mysql-5.5
debian/mysql-5.7
redhat/mysql	<5.7.24	5.7.24
redhat/mysql	<8.0.13	8.0.13
Oracle MySQL	>=5.7.0<=5.7.23
Oracle MySQL	>=8.0.0<=8.0.12
NetApp OnCommand Insight
Netapp Oncommand Unified Manager Vmware Vsphere	>=9.4
NetApp OnCommand Workflow Automation
Netapp Snapcenter
Netapp Storage Automation Store
Netapp Oncommand Unified Manager	>=7.3
Microsoft Windows
Canonical Ubuntu Linux	=14.04
Canonical Ubuntu Linux	=16.04
Canonical Ubuntu Linux	=18.04
Canonical Ubuntu Linux	=18.10
All of
Netapp Oncommand Unified Manager	>=7.3
Microsoft Windows

Remedy

http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html

Never miss a vulnerability like this again

Reference Links

Frequently Asked Questions

What is CVE-2018-3144?
CVE-2018-3144 is a vulnerability in the MySQL Server component of Oracle MySQL that allows an unauthenticated attacker with network access to compromise the availability, integrity, and confidentiality of the affected system.
Which versions of Oracle MySQL are affected by CVE-2018-3144?
The affected versions are 5.7.23 and prior, and 8.0.12 and prior.
How severe is CVE-2018-3144?
CVE-2018-3144 has a severity rating of medium, with a CVSS score of 5.9.
How can an attacker exploit CVE-2018-3144?
An unauthenticated attacker with network access can exploit the vulnerability via multiple protocols to compromise the affected system.
Where can I find more information about CVE-2018-3144?
You can find more information about CVE-2018-3144 in the Oracle Security Advisory and various security websites.

agent/type
collector/launchpad-cve
source/Launchpad
agent/author
collector/security-tracker-debian
source/Debian
agent/software-canonical-lookup
agent/severity
agent/remedy
collector/redhat-bugzilla
source/Red Hat
alias/CVE-2018-3144
collector/nvd-index
agent/software-canonical-lookup-request
collector/usn-cve
source/Ubuntu
agent/references
agent/softwarecombine
agent/tags
agent/first-publish-date
agent/event
agent/description
collector/mitre-cve
source/MITRE
collector/nvd-cve
source/NVD
agent/last-modified-date
agent/trending
package-manager/debian
package-manager/redhat
vendor/oracle
canonical/oracle mysql
version/oracle mysql/5.7.0
version/oracle mysql/5.7.23
version/oracle mysql/8.0.0
version/oracle mysql/8.0.12
vendor/netapp
canonical/netapp oncommand insight
canonical/netapp oncommand unified manager vmware vsphere
version/netapp oncommand unified manager vmware vsphere/9.4
canonical/netapp oncommand workflow automation
canonical/netapp snapcenter
canonical/netapp storage automation store
canonical/netapp oncommand unified manager
version/netapp oncommand unified manager/7.3
vendor/microsoft
canonical/microsoft windows
vendor/canonical
canonical/canonical ubuntu linux
version/canonical ubuntu linux/14.04
version/canonical ubuntu linux/16.04
version/canonical ubuntu linux/18.04
version/canonical ubuntu linux/18.10