VYPR
Get started
← All advisories
High severity8.8NVD Advisory· Published Oct 19, 2017· Updated May 13, 2026

CVE-2017-10424

CVE-2017-10424

Description

Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Web). Supported versions that are affected are 3.2.8.2223 and earlier, 3.3.4.3247 and earlier and 3.4.2.4181 and earlier. Easily exploitable vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.8 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H).

Affected products

21
  • Oracle Corporation/Mysql Enterprise Monitor20 versions
    cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.0:*:*:*:*:*:*:*+ 19 more
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.3:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.5:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.6:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.7:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.2.8.2223:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.3:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.3.4.3247:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.0:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.1:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2:*:*:*:*:*:*:*
    • cpe:2.3:a:oracle:mysql_enterprise_monitor:3.4.2.4181:*:*:*:*:*:*:*
  • Oracle Corporation/MySQL Enterprise Monitorv5
    Range: 3.2.8.2223 and earlier

Patches

0

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

4

News mentions

0

No linked articles in our index yet.