{"resultsPerPage":1,"startIndex":0,"totalResults":1,"format":"NVD_CVE","version":"2.0","timestamp":"2026-06-14T03:27:38.479","vulnerabilities":[{"cve":{"id":"CVE-2017-3523","sourceIdentifier":"secalert_us@oracle.com","published":"2017-04-24T19:59:03.567","lastModified":"2026-05-13T00:24:29.033","vulnStatus":"Modified","cveTags":[],"descriptions":[{"lang":"en","value":"Vulnerability in the MySQL Connectors component of Oracle MySQL (subcomponent: Connector/J). Supported versions that are affected are 5.1.40 and earlier. Difficult to exploit vulnerability allows low privileged attacker with network access via multiple protocols to compromise MySQL Connectors. While the vulnerability is in MySQL Connectors, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Connectors. CVSS 3.0 Base Score 8.5 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)."},{"lang":"es","value":"Vulnerabilidad en el componente MySQL Connectors de Oracle MySQL (subcomponente: Connector/J). Versiones compatibles que son afectadas son 5.1.40 y anteriores. Vulnerabilidad dificil de explotar permite a los atacantes de bajo privilegio con acceso a la red a través de múltiples protocolos comprometer a MySQL Connectors. Aunque la vulnerabilidad está en MySQL Connectors, los ataques pueden afectar significativamente a otros productos. Los ataques exitosos de esta vulnerabilidad pueden resultar en la adquisición de MySQL Connectors. CVSS 3.0 Base Score 8.5 (Confidencialidad, integridad e Impactos de disponibilidad). Vector CVSS: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H)."}],"metrics":{"cvssMetricV30":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"3.0","vectorString":"CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:H/I:H/A:H","baseScore":8.5,"baseSeverity":"HIGH","attackVector":"NETWORK","attackComplexity":"HIGH","privilegesRequired":"LOW","userInteraction":"NONE","scope":"CHANGED","confidentialityImpact":"HIGH","integrityImpact":"HIGH","availabilityImpact":"HIGH"},"exploitabilityScore":1.8,"impactScore":6.0}],"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:N/AC:M/Au:S/C:P/I:P/A:P","baseScore":6.0,"accessVector":"NETWORK","accessComplexity":"MEDIUM","authentication":"SINGLE","confidentialityImpact":"PARTIAL","integrityImpact":"PARTIAL","availabilityImpact":"PARTIAL"},"baseSeverity":"MEDIUM","exploitabilityScore":6.8,"impactScore":6.4,"acInsufInfo":false,"obtainAllPrivilege":false,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"weaknesses":[{"source":"nvd@nist.gov","type":"Primary","description":[{"lang":"en","value":"NVD-CWE-noinfo"}]}],"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:a:oracle:connector\\/j:*:*:*:*:*:*:*:*","versionEndIncluding":"5.1.40","matchCriteriaId":"C6664D63-8C98-4753-B466-D497B2E63A7B"}]}]}],"references":[{"url":"http://www.debian.org/security/2017/dsa-3840","source":"secalert_us@oracle.com"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"secalert_us@oracle.com","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97982","source":"secalert_us@oracle.com","tags":["Third Party Advisory","VDB Entry"]},{"url":"http://www.debian.org/security/2017/dsa-3840","source":"af854a3a-2127-422b-91ae-364da2661108"},{"url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch","Vendor Advisory"]},{"url":"http://www.securityfocus.com/bid/97982","source":"af854a3a-2127-422b-91ae-364da2661108","tags":["Third Party Advisory","VDB Entry"]}]}}]}