{"document":{"aggregate_severity":{"namespace":"https://www.suse.com/support/security/rating/","text":"moderate"},"category":"csaf_vex","csaf_version":"2.0","distribution":{"text":"Copyright 2023 SUSE LLC. All rights reserved.","tlp":{"label":"WHITE","url":"https://www.first.org/tlp/"}},"lang":"en","notes":[{"category":"summary","text":"SUSE CVE-2018-3062","title":"Title"},{"category":"description","text":"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).","title":"Description of the CVE"},{"category":"legal_disclaimer","text":"CSAF 2.0 data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0).","title":"Terms of use"}],"publisher":{"category":"vendor","contact_details":"https://www.suse.com/support/security/contact/","name":"SUSE Product Security Team","namespace":"https://www.suse.com/"},"references":[{"category":"external","summary":"CVE-2018-3062","url":"https://www.suse.com/security/cve/CVE-2018-3062"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1103344 for CVE-2018-3062","url":"https://bugzilla.suse.com/1103344"},{"category":"external","summary":"Advisory link for openSUSE-SU-2018:2293-1","url":"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00039.html"}],"title":"SUSE CVE CVE-2018-3062","tracking":{"current_release_date":"2023-02-15T04:33:33Z","generator":{"date":"2023-02-15T04:33:33Z","engine":{"name":"cve-database.git:bin/generate-csaf-vex.pl","version":"1"}},"id":"CVE-2018-3062","initial_release_date":"2023-02-15T04:33:33Z","revision_history":[{"date":"2023-02-15T04:33:33Z","number":"2","summary":"Current version"}],"status":"interim","version":"2"}},"product_tree":{"branches":[{"branches":[{"branches":[{"category":"product_name","name":"SUSE Linux Enterprise Server 11 SP4-LTSS","product":{"name":"SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS","product_identification_helper":{"cpe":"cpe:/o:suse:suse_sles:11:sp4"}}},{"category":"product_version","name":"libmysql55client18","product":{"name":"libmysql55client18","product_id":"libmysql55client18"}},{"category":"product_version","name":"libmysql55client18-32bit","product":{"name":"libmysql55client18-32bit","product_id":"libmysql55client18-32bit"}},{"category":"product_version","name":"libmysql55client_r18","product":{"name":"libmysql55client_r18","product_id":"libmysql55client_r18"}},{"category":"product_version","name":"libmysql55client_r18-32bit","product":{"name":"libmysql55client_r18-32bit","product_id":"libmysql55client_r18-32bit"}},{"category":"product_version","name":"libmysqlclient15","product":{"name":"libmysqlclient15","product_id":"libmysqlclient15"}},{"category":"product_version","name":"libmysqlclient15-32bit","product":{"name":"libmysqlclient15-32bit","product_id":"libmysqlclient15-32bit"}},{"category":"product_version","name":"libmysqlclient_r15","product":{"name":"libmysqlclient_r15","product_id":"libmysqlclient_r15"}},{"category":"product_version","name":"mysql","product":{"name":"mysql","product_id":"mysql","product_identification_helper":{"cpe":"cpe:2.3:a:oracle:mysql_server:*:*:*:*:*:*:*:*"}}},{"category":"product_version","name":"mysql-client","product":{"name":"mysql-client","product_id":"mysql-client"}},{"category":"product_version","name":"mysql-tools","product":{"name":"mysql-tools","product_id":"mysql-tools"}}],"category":"product_family","name":"SUSE Linux Enterprise"}],"category":"vendor","name":"SUSE"}],"relationships":[{"category":"default_component_of","full_product_name":{"name":"libmysql55client18 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18"},"product_reference":"libmysql55client18","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client18-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18-32bit"},"product_reference":"libmysql55client18-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client_r18 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18"},"product_reference":"libmysql55client_r18","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysql55client_r18-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18-32bit"},"product_reference":"libmysql55client_r18-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient15 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15"},"product_reference":"libmysqlclient15","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient15-32bit as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15-32bit"},"product_reference":"libmysqlclient15-32bit","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"libmysqlclient_r15 as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient_r15"},"product_reference":"libmysqlclient_r15","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql"},"product_reference":"mysql","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql-client as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-client"},"product_reference":"mysql-client","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"},{"category":"default_component_of","full_product_name":{"name":"mysql-tools as component of SUSE Linux Enterprise Server 11 SP4-LTSS","product_id":"SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-tools"},"product_reference":"mysql-tools","relates_to_product_reference":"SUSE Linux Enterprise Server 11 SP4-LTSS"}]},"vulnerabilities":[{"cve":"CVE-2018-3062","ids":[{"system_name":"SUSE CVE Page","text":"https://www.suse.com/security/cve/CVE-2018-3062"}],"notes":[{"category":"general","text":"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Memcached). Supported versions that are affected are 5.6.40 and prior, 5.7.22 and prior and 8.0.11 and prior. Difficult to exploit vulnerability allows low privileged attacker with network access via memcached to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized ability to cause a hang or frequently repeatable crash (complete DOS) of MySQL Server. CVSS 3.0 Base Score 5.3 (Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H).","title":"Vulnerability description"}],"product_status":{"known not affected":["SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client18-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysql55client_r18-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient15-32bit","SUSE Linux Enterprise Server 11 SP4-LTSS:libmysqlclient_r15","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-client","SUSE Linux Enterprise Server 11 SP4-LTSS:mysql-tools"]},"references":[{"category":"external","summary":"CVE-2018-3062","url":"https://www.suse.com/security/cve/CVE-2018-3062"},{"category":"external","summary":"SUSE Security Ratings","url":"https://www.suse.com/support/security/rating/"},{"category":"external","summary":"SUSE Bug 1103344 for CVE-2018-3062","url":"https://bugzilla.suse.com/1103344"},{"category":"external","summary":"Advisory link for openSUSE-SU-2018:2293-1","url":"https://lists.opensuse.org/opensuse-security-announce/2018-08/msg00039.html"}],"threats":[{"category":"impact","date":"2018-07-18T07:28:43Z","details":"moderate"}],"title":"CVE-2018-3062"}]}