CVE-2018-3284
First published: Wed Oct 17 2018(Updated: )
Last updated 24 July 2024
Credit: secalert_us@oracle.com secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| redhat/mysql | <5.7.24 | 5.7.24 |
| redhat/mysql | <8.0.13 | 8.0.13 |
| redhat/mariadb | <10.3.11 | 10.3.11 |
| redhat/mariadb | <10.2.19 | 10.2.19 |
| debian/mysql-5.5 | ||
| debian/mysql-5.7 | ||
| Oracle MySQL | >=5.7.0<=5.7.23 | |
| Oracle MySQL | >=8.0.0<=8.0.12 | |
| Canonical Ubuntu Linux | =14.04 | |
| Canonical Ubuntu Linux | =16.04 | |
| Canonical Ubuntu Linux | =18.04 | |
| Canonical Ubuntu Linux | =18.10 | |
| Netapp Active Iq Unified Manager Windows | >=7.3 | |
| Netapp Active Iq Unified Manager Vmware Vsphere | >=9.5 | |
| NetApp OnCommand Insight | ||
| NetApp OnCommand Workflow Automation | ||
| Netapp Snapcenter | ||
| Mariadb Mariadb | >=10.2.0<10.2.19 | |
| Mariadb Mariadb | >=10.3.0<10.3.11 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
- http://www.securityfocus.com/bid/105594
- http://www.securitytracker.com/id/1041888
- https://security.netapp.com/advisory/ntap-20181018-0002/
- https://usn.ubuntu.com/3799-1/
- https://access.redhat.com/errata/RHSA-2018:3655
- https://access.redhat.com/errata/RHSA-2019:1258
- https://security.gentoo.org/glsa/201908-24
- https://launchpad.net/bugs/cve/CVE-2018-3284
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1640559
- https://bugzilla.redhat.com/show_bug.cgi?id=1640310
- https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html#AppendixMSQL
- https://security-tracker.debian.org/tracker/CVE-2018-3284
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3284
- https://nvd.nist.gov/vuln/detail/CVE-2018-3284
- https://ubuntu.com/security/CVE-2018-3284
Frequently Asked Questions
What is the vulnerability ID for this MySQL Server vulnerability?
The vulnerability ID for this MySQL Server vulnerability is CVE-2018-3284.
Which versions of MySQL Server are affected by this vulnerability?
The versions of MySQL Server that are affected by this vulnerability are 5.7.23 and prior, and 8.0.12 and prior.
Is it difficult to exploit this vulnerability?
Yes, this vulnerability is difficult to exploit.
Can a high privileged attacker compromise the MySQL Server through this vulnerability?
Yes, a high privileged attacker with network access can compromise the MySQL Server through this vulnerability.
How can I fix this vulnerability?
To fix this vulnerability, update to MySQL Server version 5.7.24 or later for versions 5.7.x, and update to version 8.0.13 or later for versions 8.0.x.
- agent/type
- agent/first-publish-date
- collector/launchpad-cve
- source/Launchpad
- agent/author
- collector/redhat-bugzilla
- source/Red Hat
- alias/CVE-2018-3284
- agent/software-canonical-lookup
- agent/severity
- agent/remedy
- collector/security-tracker-debian
- source/Debian
- agent/description
- agent/references
- collector/nvd-index
- agent/software-canonical-lookup-request
- collector/nvd-cve
- source/NVD
- agent/softwarecombine
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/tags
- agent/event
- collector/usn-cve
- source/Ubuntu
- package-manager/redhat
- package-manager/debian
- vendor/oracle
- canonical/oracle mysql
- version/oracle mysql/5.7.0
- version/oracle mysql/5.7.23
- version/oracle mysql/8.0.0
- version/oracle mysql/8.0.12
- vendor/canonical
- canonical/canonical ubuntu linux
- version/canonical ubuntu linux/14.04
- version/canonical ubuntu linux/16.04
- version/canonical ubuntu linux/18.04
- version/canonical ubuntu linux/18.10
- vendor/netapp
- canonical/netapp active iq unified manager windows
- version/netapp active iq unified manager windows/7.3
- canonical/netapp active iq unified manager vmware vsphere
- version/netapp active iq unified manager vmware vsphere/9.5
- canonical/netapp oncommand insight
- canonical/netapp oncommand workflow automation
- canonical/netapp snapcenter
- vendor/mariadb
- canonical/mariadb mariadb
- version/mariadb mariadb/10.2.0
- version/mariadb mariadb/10.3.0