{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2017-10313","title":"Title"},{"category":"description","text":"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2017-10313","url":"https://www.suse.com/security/cve/CVE-2017-10313"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1064111 for CVE-2017-10313","url":"https://bugzilla.suse.com/1064111"},{"category":"external","summary":"SUSE Bug 1064119 for CVE-2017-10313","url":"https://bugzilla.suse.com/1064119"}],"title":"SUSE CVE CVE-2017-10313","tracking":{"current_release_date":"2023-02-15T04:43:49Z","generator":{"date":"2023-02-15T04:43:49Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2017-10313","initial_release_date":"2023-02-15T04:43:49Z","revision_history":[{"date":"2023-02-15T04:43:49Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles:11:sp4"}}},{"category":"product_version","name":"libmysql55client18","product":{"name":"libmysql55client18","product_id":"libmysql55client18"}},{"category":"product_version","name":"libmysql55client18-32bit","product":{"name":"libmysql55client18-32bit","product_id":"libmysql55client18-32bit"}},{"category":"product_version","name":"libmysql55client_r18","product":{"name":"libmysql55client_r18","product_id":"libmysql55client_r18"}},{"category":"product_version","name":"libmysql55client_r18-32bit","product":{"name":"libmysql55client_r18-32bit","product_id":"libmysql55client_r18-32bit"}},{"category":"product_version","name":"libmysqlclient15","product":{"name":"libmysqlclient15","product_id":"libmysqlclient15"}},{"category":"product_version","name":"libmysqlclient15-32bit","product":{"name":"libmysqlclient15-32bit","product_id":"libmysqlclient15-32bit"}},{"category":"product_version","name":"libmysqlclient_r15","product":{"name":"libmysqlclient_r15","product_id":"libmysqlclient_r15"}},{"category":"product_version","name":"mysql","product":{"name":"mysql","product_id":"mysql","product_identification_helper":{"cpe":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"mysql-client","product":{"name":"mysql-client","product_id":"mysql-client"}},{"category":"product_version","name":"mysql-tools","product":{"name":"mysql-tools","product_id":"mysql-tools"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libmysql55client18 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18"},"product_reference":"libmysql55client18","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client18-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18-32bit"},"product_reference":"libmysql55client18-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client_r18 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18"},"product_reference":"libmysql55client_r18","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client_r18-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18-32bit"},"product_reference":"libmysql55client_r18-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient15 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15"},"product_reference":"libmysqlclient15","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient15-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15-32bit"},"product_reference":"libmysqlclient15-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient_r15 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient_r15"},"product_reference":"libmysqlclient_r15","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql"},"product_reference":"mysql","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql-client as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-client"},"product_reference":"mysql-client","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql-tools as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-tools"},"product_reference":"mysql-tools","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"}]},"vulnerabilities":[{"cve":"CVE-2017-10313","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2017-10313"}],"notes":[{"category":"general","text":"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Group Replication GCS). Supported versions that are affected are 5.7.19 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 4.9 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H).","title":"Vulnerability description"}],"product_status":{"known not affected":["SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient_r15","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-client","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-tools"]},"references":[{"category":"external","summary":"CVE-2017-10313","url":"https://www.suse.com/security/cve/CVE-2017-10313"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1064111 for CVE-2017-10313","url":"https://bugzilla.suse.com/1064111"},{"category":"external","summary":"SUSE Bug 1064119 for CVE-2017-10313","url":"https://bugzilla.suse.com/1064119"}],"threats":[{"category":"impact","date":"2017-10-18T12:38:25Z","details":"moderate"}],"title":"CVE-2017-10313"}]}