Medium severity4.4NVD Advisory· Published Jan 27, 2017· Updated May 13, 2026

CVE-2017-3243

Description

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Charsets). Supported versions that are affected are 5.5.53 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS v3.0 Base Score 4.4 (Availability impacts).

Affected products

MariaDB/MariaDB
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Range: >=5.5.0,<5.5.54
Oracle Corporation/MySQL
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Range: >=5.5.0,<=5.5.53
Debian/Debian Linux
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Desktop
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Eus4 versions
cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*+ 3 more
- cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server Aus2 versions
cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Server Tus2 versions
cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*
Red Hat/Enterprise Linux Workstation
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
osv-coords41 versions
pkg:rpm/opensuse/mariadb&distro=openSUSE%20Tumbleweed pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/lz4&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/mariadb104&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/mariadb-connector-c&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP1 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Desktop%2012%20SP2 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP1 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP2 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%2012-LTSS pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20Raspberry%20Pi%2012%20SP2 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP1 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP2 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP1 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP2 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP1 pkg:rpm/suse/mariadb&distro=SUSE%20Linux%20Enterprise%20Workstation%20Extension%2012%20SP2 pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Point%20of%20Sale%2011%20SP3 pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-LTSS pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP3-TERADATA pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Server%2011%20SP4 pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2011%20SP4 pkg:rpm/suse/mysql&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2011%20SP4 pkg:rpm/suse/mysql&distro=SUSE%20Manager%202.1 pkg:rpm/suse/mysql&distro=SUSE%20Manager%20Proxy%202.1 pkg:rpm/suse/mysql&distro=SUSE%20OpenStack%20Cloud%205 pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20High%20Performance%20Computing%2015%20SP1-LTSS pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2012%20SP5 pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%2015%20SP1-LTSS pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2012%20SP5 pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Server%20for%20SAP%20Applications%2015%20SP1 pkg:rpm/suse/python-mysqlclient&distro=SUSE%20Linux%20Enterprise%20Software%20Development%20Kit%2012%20SP5
< 10.6.4-2.1+ 40 more
- (no CPE)range: < 10.6.4-2.1
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 1.8.0-3.5.2
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 10.4.30-150100.3.5.10
- (no CPE)range: < 10.4.30-8.5.46
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 3.1.22-2.35.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-20.23.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-20.23.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 10.0.29-22.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 5.5.54-0.35.1
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
- (no CPE)range: < 1.4.6-150100.3.3.7
- (no CPE)range: < 1.3.14-8.9.2
Oracle/MySQL Serverv5
Range: 5.5.53 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.htmlnvdPatchVendor Advisory
www.debian.org/security/2017/dsa-3767nvdThird Party Advisory
www.debian.org/security/2017/dsa-3770nvdThird Party Advisory
www.securityfocus.com/bid/95538nvdThird Party AdvisoryVDB Entry
www.securitytracker.com/id/1037640nvdBroken LinkThird Party AdvisoryVDB Entry
access.redhat.com/errata/RHSA-2017:2192nvdThird Party Advisory
access.redhat.com/errata/RHSA-2018:0279nvdThird Party Advisory
access.redhat.com/errata/RHSA-2018:0574nvdThird Party Advisory
security.gentoo.org/glsa/201702-17nvdThird Party Advisory
security.gentoo.org/glsa/201702-18nvdThird Party Advisory

News mentions

No linked articles in our index yet.

cvss	0.286
epss	0.004
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000