On December 16, 2017 (US time), Oracle released a security advisory containing patches for 25 vulnerabilities in Oracle MySQL. Among these vulnerabilities, CVE-2018-2696 has a particularly large adverse impact: it can be exploited remotely, without authentication, to launch DoS attacks. We recommend that you pay attention to these vulnerabilities.
See the following for more information about the vulnerabilities.
CVE-2018-2562 to CVE-2018-2591
Multiple security vulnerabilities in MySQL
According to Oracle, multiple remotely exploitable vulnerabilities in Oracle MySQL have been addressed. Of these, CVE-2018-2562 and CVE-2018-2591 are critical and can be exploited directly over the network. Attackers can obtain data, tamper with data, or initiate DoS attacks, thereby affecting MySQL services.
Condition and method of exploitation
A proof of concept (PoC) exploit for the vulnerability is available.
Affected versions:
- MySQL 5.6.x <= 5.6.38
- MySQL 5.7.x <= 5.7.20
Check whether any affected version of Oracle MySQL is in use.
How to fix or mitigate
Oracle has released updated versions of MySQL. We recommend that users who run self-created MySQL databases download and install the latest versions as soon as possible.
Note: We recommend that you create an ECS snapshot to back up your data before upgrading. The backup can be used for restoration if anything goes wrong during the upgrade.
Perform security hardening on self-created MySQL databases. For example, configure a security group policy that blocks access to port 3306 from the Internet, to prevent remote exploitation by hackers.
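The version check and the port 3306 exposure check described above, as an added example that is not part of the advisory: a POSIX shell script that classifies a MySQL version string against the affected ranges listed (5.6.x <= 5.6.38, 5.7.x <= 5.7.20) and flags a mysqld listener bound to a wildcard address on port 3306. The banner strings and the `ss -ltn` output are constructed samples, not captured from a real host; the function names are this example's own.

```shell
#!/bin/sh
# Added example (not part of the advisory): classify an installed MySQL
# version against the affected ranges and flag a mysqld listener that is
# reachable on port 3306 from every interface.

# Affected ranges from the advisory: 5.6.x <= 5.6.38 and 5.7.x <= 5.7.20.
# Returns 0 (true) if VERSION is in an affected range, 1 otherwise.
# Build suffixes such as "5.7.20-log" are ignored; a version without a
# numeric patch level is treated as unknown (not affected).
mysql_is_affected() {
    v="${1%%-*}"                        # drop "-log", "-0ubuntu..." suffixes
    case "$v" in
        *.*.*) ;;                       # need major.minor.patch
        *) return 1 ;;
    esac
    major="${v%%.*}"
    rest="${v#*.}"
    minor="${rest%%.*}"
    patch="${rest#*.}"
    patch="${patch%%.*}"                # tolerate a fourth component
    case "$patch" in
        ''|*[!0-9]*) return 1 ;;        # non-numeric patch level
    esac
    case "$major.$minor" in
        5.6) [ "$patch" -le 38 ] ;;
        5.7) [ "$patch" -le 20 ] ;;
        *)   return 1 ;;
    esac
}

# Extract the first "x.y.z" from a `mysqld --version` or `mysql --version`
# banner. The client banner ("Ver 14.14 Distrib 5.6.39, ...") also carries
# a two-part client version, which the three-part pattern skips.
mysql_version_from_banner() {
    printf '%s\n' "$1" | grep -oE '[0-9]+\.[0-9]+\.[0-9]+' | head -n 1
}

# Returns 0 if the given `ss -ltn` output shows a listener on port 3306
# bound to a wildcard address (0.0.0.0, [::] or *), i.e. reachable from any
# interface unless a security group or firewall blocks it.
mysql_port_wildcard_bound() {
    printf '%s\n' "$1" | awk '
        $1 == "LISTEN" {
            n = split($4, a, ":"); port = a[n]          # $4 is Local Address:Port
            host = substr($4, 1, length($4) - length(port) - 1)
            if (port == "3306" && (host == "0.0.0.0" || host == "[::]" || host == "*"))
                found = 1
        }
        END { if (found) exit 0; exit 1 }'
}

# Constructed sample banners and `ss -ltn` output (not captured from a real
# host) so the functions can be exercised offline.
SAMPLE_MYSQLD_BANNER='mysqld  Ver 5.7.20 for Linux on x86_64 (MySQL Community Server (GPL))'
SAMPLE_CLIENT_BANNER='mysql  Ver 14.14 Distrib 5.6.39, for Linux (x86_64) using  EditLine wrapper'
SAMPLE_SS_EXPOSED='State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 128 0.0.0.0:22 0.0.0.0:*
LISTEN 0 80 0.0.0.0:3306 0.0.0.0:*'
SAMPLE_SS_LOCAL='State Recv-Q Send-Q Local Address:Port Peer Address:Port
LISTEN 0 80 127.0.0.1:3306 0.0.0.0:*
LISTEN 0 128 [::]:22 [::]:*'

report_version() {
    ver=$(mysql_version_from_banner "$1")
    if [ -z "$ver" ]; then
        echo "no MySQL version found in: $1"
    elif mysql_is_affected "$ver"; then
        echo "$ver: AFFECTED, upgrade to a patched release"
    else
        echo "$ver: not in the affected ranges"
    fi
}

report_listener() {
    if mysql_port_wildcard_bound "$1"; then
        echo "port 3306 is bound to a wildcard address: ensure the security group or firewall blocks Internet access"
    else
        echo "port 3306 is not bound to a wildcard address"
    fi
}

report_version "$SAMPLE_MYSQLD_BANNER"
report_version "$SAMPLE_CLIENT_BANNER"
report_listener "$SAMPLE_SS_EXPOSED"
report_listener "$SAMPLE_SS_LOCAL"

# On a real host: check the installed server binary and the live listeners.
if command -v mysqld >/dev/null 2>&1; then
    report_version "$(mysqld --version 2>&1)"
fi
if command -v ss >/dev/null 2>&1; then
    report_listener "$(ss -ltn 2>/dev/null)"
fi
```

The listener check only tells you whether mysqld accepts connections on every interface; whether the Internet can actually reach it still depends on the security group and host firewall rules, so treat a wildcard binding as a prompt to verify those rules rather than as proof of exposure.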