edit-icon download-icon

[Vulnerability notice] CVE-2018-2562 to 2591: Multiple security vulnerabilities in MySQL

Last Updated: Apr 08, 2018

On December 16, 2017 (American time), Oracle released a security publication, which published the patches for fixing 25 vulnerabilities in Oracle MySQL. Among these vulnerabilities, CVE-2018-2696 has a large adverse impact, and it can be remotely exploited to start DoS attacks without authentication. We recommend that you pay attention to these vulnerabilities.

See the following for more information about the vulnerability.


CVE identifier

CVE-2018-2562 to 2591

Vulnerability name

Multiple security vulnerabilities in MySQL

Vulnerability rating

High

Vulnerability description

According to Oracle, multiple remotely exploitable vulnerabilities in Oracle MySQL have been addressed. Of the vulnerabilities, CVE-2018-2562 and CVE-2018-2591 are critical and can be directly exploited remotely to start attacks. Attackers can obtain data, tamper with data, or initiate DoS attacks, thereby affecting MySQL services.

Condition and method of exploitation

The vulnerability can be exploited by using PoC.

Poc status

Unpublished

Affected scope

  • MySQL 5.6.x <= 5.6.38
  • MySQL 5.7.x <= 5.7.20

Vulnerability detection

Check whether any affected version of Oracle MySQL is used.

How to fix or mitigate

  • Oracle has released the latest versions of MySQL. We recommend that users who created MySQL databases manually download and install the latest versions as soon as possible.

    Note: We recommend that you create an ECS snapshot to back up data before the upgrade. The backup data can be used for restoration in case any exception occurs.

  • Perform Security hardening on the self-created MySQL databases. For example, configure a security group policy and disable access to Port 3306 through the Internet to prevent remote exploitation by hackers.

Reference

[1]. http://www.oracle.com/technetwork/security-advisory/cpujan2018verbose-3236630.html#MSQL
[2]. http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html
[3]. https://securitytracker.com/id/1040216

Thank you! We've received your feedback.