Oracle MySQL Server CVE-2018-2775 – Remote Security

Authors:Oracle               Risk:High

CVE:CVE-2018-2775           0day:Remote Security

0day-id:0DAY-2775            Date:2018-04-19

Description

MySQL is the world’s most popular open source database. With its proven performance, reliability, and ease-of-use, MySQL has become the leading database choice for web-based applications, used by high profile web properties including Facebook, Twitter, YouTube, and all five of the top five websites*. Additionally, it is an extremely popular choice as embedded database, distributed by thousands of ISVs and OEMs.

Analysis

Oracle MySQL Server is prone to a remote security vulnerability in ‘Server: Optimizer’ component.

The vulnerability can be exploited over the ‘MySQL’ protocol.

This vulnerability affects the following supported versions:
5.7.21 and prior

Vulnerable

Oracle MySQL Server 5.7.21 
Oracle MySQL Server 5.7.20 
Oracle MySQL Server 5.7.19 
Oracle MySQL Server 5.7.18 
Oracle MySQL Server 5.7.17 
Oracle MySQL Server 5.7.16 
Oracle MySQL Server 5.7.15 
Oracle MySQL Server 5.7.12 
Oracle MySQL Server 5.7

 

Leave a Reply