{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-04-18T21:43:21.831","vulnerabilities":[{"cve":{"id":"CVE-2017-3306","sourceIdentifier":"secalert_us@oracle.com","published":"2017-04-24T19:59:00.847","lastModified":"2025-04-20T01:37:25.860","vulnStatus":"Deferred","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Server). Supported versions that are affected are 3.1.6.8003 and earlier, 3.2.1182 and earlier and 3.3.2.1162 and earlier. Easily \"exploitable\" vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Enterprise Monitor. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Enterprise Monitor, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in unauthorized creation, deletion or modification access to critical data or all MySQL Enterprise Monitor accessible data as well as unauthorized access to critical data or complete access to all MySQL Enterprise Monitor accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L)."},{"lang":"es","value":"Vulnerabilidad en el componente MySQL Enterprise Monitor de Oracle MySQL (subcomponente: Monitoreng: Server). Las versiones compatibles que están afectadas son 3.1.6.8003 y versiones anteriores, 3.2.1182 y versiones anteriores y 3.3.2.1162 y versiones anteriores. La vulnerabilidad fácilmente \"explotable\" permite a un atacante altamente privilegiado con acceso a la red comprometer MySQL Enterprise Monitor a través de múltiples protocolos. Los ataques exitosos requieren interacción humana de una persona diferente al atacante y mientras la vulnerabilidad esté en MySQL Enterprise Monitor, los ataques pueden impactar significativamente productos adicionales. Los ataques exitosos de esta vulnerabilidad pueden resultar en creación, borrado o modificación de acceso no autorizado a datos críticos o a todos los datos accesibles de MySQL Enterprise Monitor así como acceso no autorizado a datos críticos o acceso completo a todos los datos accesibles de MySQL Enterprise Monitor y capacidad no autorizada para provocar una denegación de servicio parcial (DOS parcial) de MySQL Enterprise Monitor. CVSS 3.0 Base Score 8.3 (Impactos de Confidencialidad, Integridad y Disponibilidad). Vector CVSS (CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:L/PR:H/UI:R/S:C/C:H/I:H/A:L","baseScore":8.3,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"LOW","privilegesRequired":"HIGH","userInteraction":"REQUIRED","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"LOW"},"exploitabilityScore":1.7,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:C/I:C/A:P","baseScore":8.2,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"PARTIAL"},"baseSeverity":"HIGH","exploitabilityScore":6.8,"impactScore":9.5,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":true}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.1.0","versionEndIncluding":"3.1.6.8003","matchCriteriaId":"89091B98-A6F4-4ACA-9C72-340B38F88C8B"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.2.0","versionEndIncluding":"3.2.1182","matchCriteriaId":"06F296B9-BD05-4A25-8F60-18752ACE7B62"},{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:mysql_enterprise_monitor:*:*:*:*:*:*:*:*","versionStartIncluding":"3.3.0","versionEndIncluding":"3.3.2.1162","matchCriteriaId":"2C0E67D9-A588-4BE4-8B47-643B622877EE"}]}]}],"references":[{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97724","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038287","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97724","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.securitytracker.com/id/1038287","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}