Low severity3.3NVD Advisory· Published Apr 24, 2017· Updated May 13, 2026

CVE-2017-3589

Description

Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.41 and earlier. Easily "exploitable" vulnerability allows low privileged attacker with logon to the infrastructure where MySQL Connectors executes to compromise MySQL Connectors. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connectors accessible data. CVSS 3.0 Base Score 3.3 (Integrity impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N).

Affected packages

Versions sourced from the GitHub Security Advisory.

Package	Affected versions	Patched versions
mysql:mysql-connector-javaMaven	< 5.1.42	5.1.42

Affected products

Oracle Corporation/Connector\/j
cpe:2.3:a:oracle:connector\/j:*:*:*:*:*:*:*:*
Range: <=5.1.41
Oracle Corporation/MySQL Connectorsv5
Range: 5.1.41 and earlier

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.htmlnvdPatchVendor AdvisoryWEB
www.securityfocus.com/bid/97836nvdThird Party AdvisoryVDB Entry
github.com/advisories/GHSA-cjcf-wm2p-59h5ghsaADVISORY
nvd.nist.gov/vuln/detail/CVE-2017-3589ghsaADVISORY
www.debian.org/security/2017/dsa-3857nvdWEB
www.securitytracker.com/id/1038287nvd

News mentions

No linked articles in our index yet.

cvss	0.214
epss	0.000
exploit	0.000
kev	0.000
patch	0.000
ransomware	0.000