Low severity3.8NVD Advisory· Published Oct 19, 2017· Updated May 13, 2026

CVE-2017-10365

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: InnoDB). Supported versions that are affected are 5.7.18 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Server accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Server. CVSS 3.0 Base Score 3.8 (Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:L).

Affected products

MariaDB/MariaDB
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Range: >=10.2.0,<10.2.8
NetApp/Active Iq Unified Manager2 versions
cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*+ 1 more
- cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*range: >=9.5
- cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*range: >=7.3
NetApp/Oncommand Balance
cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*
NetApp/Oncommand Insight
cpe:2.3:a:netapp:oncommand_insight:-:*:*:*:*:*:*:*
NetApp/Oncommand Performance Manager
cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:vmware_vsphere:*:*
NetApp/Oncommand Unified Manager2 versions
cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*+ 1 more
- cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*range: <=7.1
- cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*range: <=7.1
NetApp/Oncommand Workflow Automation
cpe:2.3:a:netapp:oncommand_workflow_automation:-:*:*:*:*:*:*:*
NetApp/Snapcenter
cpe:2.3:a:netapp:snapcenter:-:*:*:*:*:*:*:*
Oracle Corporation/MySQL
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Range: >=5.7.0,<=5.7.18
Oracle Corporation/MySQL Serverv5
Range: 5.7.18 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.htmlnvdPatchVendor Advisory
www.securityfocus.com/bid/101429nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1039597nvdBroken LinkThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2017:3442nvdThird Party Advisory
security.netapp.com/advisory/ntap-20171019-0002/nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.247
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000