CVE-2017-10268

Source
https://cve.org/CVERecord?id=CVE-2017-10268
Import Source
https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10268.json
JSON Data
https://api.test.osv.dev/v1/vulns/CVE-2017-10268
Downstream
Related
Published
2017-10-19T17:29:01.623Z
Modified
2026-07-08T23:28:14.221231Z
Severity
  • 4.1 (Medium) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N CVSS Calculator
Summary
[none]
Details

Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.57 and earlier, 5.6.37 and earlier and 5.7.19 and earlier. Difficult to exploit vulnerability allows high privileged attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks of this vulnerability can result in unauthorized access to critical data or complete access to all MySQL Server accessible data. CVSS 3.0 Base Score 4.1 (Confidentiality impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N).

Database specific
{
    "unresolved_ranges": [
        {
            "cpes": [
                "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:vmware_vsphere:*:*",
                "cpe:2.3:a:netapp:active_iq_unified_manager:*:*:*:*:*:windows:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.3"
                },
                {
                    "introduced": "9.5"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "netapp:active_iq_unified_manager"
        },
        {
            "cpes": [
                "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:vsphere:*:*",
                "cpe:2.3:a:netapp:oncommand_unified_manager:*:*:*:*:*:windows:*:*"
            ],
            "extracted_events": [
                {
                    "last_affected": "7.1"
                },
                {
                    "last_affected": "7.1"
                }
            ],
            "source": "CPE_RANGE",
            "vendor_product": "netapp:oncommand_unified_manager"
        },
        {
            "cpes": [
                "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
                "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "8.0"
                },
                {
                    "last_affected": "8.0"
                },
                {
                    "introduced": "9.0"
                },
                {
                    "last_affected": "9.0"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "debian:debian_linux"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_desktop"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.5"
                },
                {
                    "last_affected": "7.5"
                },
                {
                    "introduced": "7.6"
                },
                {
                    "last_affected": "7.6"
                },
                {
                    "introduced": "7.7"
                },
                {
                    "last_affected": "7.7"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_eus"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_server"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.6"
                },
                {
                    "last_affected": "7.6"
                },
                {
                    "introduced": "7.7"
                },
                {
                    "last_affected": "7.7"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_server_aus"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.6"
                },
                {
                    "last_affected": "7.6"
                },
                {
                    "introduced": "7.7"
                },
                {
                    "last_affected": "7.7"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_server_tus"
        },
        {
            "cpes": [
                "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "7.0"
                },
                {
                    "last_affected": "7.0"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:enterprise_linux_workstation"
        },
        {
            "cpes": [
                "cpe:2.3:a:redhat:openstack:12:*:*:*:*:*:*:*"
            ],
            "extracted_events": [
                {
                    "introduced": "12"
                },
                {
                    "last_affected": "12"
                }
            ],
            "source": "CPE_STRING",
            "vendor_product": "redhat:openstack"
        }
    ]
}
References

Affected packages

Git / github.com/mariadb/server

Affected ranges

Type
GIT
Repo
https://github.com/mariadb/server
Events
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "5.5.0"
        },
        {
            "fixed": "5.5.58"
        },
        {
            "introduced": "10.0.0"
        },
        {
            "fixed": "10.0.33"
        },
        {
            "introduced": "10.1.0"
        },
        {
            "fixed": "10.1.29"
        },
        {
            "introduced": "10.2.0"
        },
        {
            "fixed": "10.2.10"
        }
    ]
}

Affected versions

mariadb-10.*
mariadb-10.1.0
mariadb-10.1.10
mariadb-10.1.11
mariadb-10.1.12
mariadb-10.1.13
mariadb-10.1.14
mariadb-10.1.15
mariadb-10.1.16
mariadb-10.1.17
mariadb-10.1.18
mariadb-10.1.19
mariadb-10.1.2
mariadb-10.1.20
mariadb-10.1.21
mariadb-10.1.22
mariadb-10.1.23
mariadb-10.1.24
mariadb-10.1.25
mariadb-10.1.26
mariadb-10.1.27
mariadb-10.1.28
mariadb-10.1.3
mariadb-10.1.4
mariadb-10.1.5
mariadb-10.1.6
mariadb-10.1.7
mariadb-10.1.8
mariadb-10.1.9
mariadb-10.2.0
mariadb-10.2.1
mariadb-10.2.2
mariadb-10.2.5

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10268.json"
vanir_signatures_modified
"2026-07-08T23:28:14Z"
vanir_signatures
[
    {
        "signature_version": "v1",
        "source": "https://github.com/mariadb/server/commit/58e0dcb93dc2b2bf49f76c754bd216dbdf875a0d",
        "signature_type": "Function",
        "id": "CVE-2017-10268-0500cd26",
        "digest": {
            "length": 1930.0,
            "function_hash": "229436509491359859587976164905941824146"
        },
        "deprecated": false,
        "target": {
            "function": "os_file_set_size",
            "file": "storage/innobase/os/os0file.cc"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/mariadb/server/commit/58e0dcb93dc2b2bf49f76c754bd216dbdf875a0d",
        "signature_type": "Line",
        "id": "CVE-2017-10268-6ad32b91",
        "digest": {
            "line_hashes": [
                "199074947337376739812679047825821336002",
                "46725345608552447089949872245821081371",
                "119120488045980108076426049636030945131",
                "58230573690248886038051992579509304232",
                "326895143270909796380178638763687471280",
                "263146896042637856319085632199764889177",
                "122131190033688622756744393943115563446",
                "133068113502970118870593079691731269775",
                "111890012607856213573104663272595866488",
                "61566547659338840586290761302690848319",
                "313474223702629979055129385503607972230"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "storage/innobase/os/os0file.cc"
        }
    },
    {
        "signature_version": "v1",
        "source": "https://github.com/mariadb/server/commit/05103c84ecc519eae4090b720f48203a648e2ab9",
        "signature_type": "Line",
        "id": "CVE-2017-10268-9c92b764",
        "digest": {
            "line_hashes": [
                "288478675654118026472906435977381342765",
                "77128588242836736274151580826871914954",
                "278995216876158915401313692667681240533",
                "282846413856269834796276352123467562693",
                "80088993081502469842219226733844912314",
                "179417024652175460309708312811008504317"
            ],
            "threshold": 0.9
        },
        "deprecated": false,
        "target": {
            "file": "sql/mysqld.cc"
        }
    }
]

Git / github.com/mysql/mysql-server

Affected ranges

Type
GIT
Repo
https://github.com/mysql/mysql-server
Events
Introduced
Last affected
Introduced
0 Unknown introduced commit / All previous commits are affected
Last affected
Last affected
Database specific
{
    "source": "CPE_RANGE",
    "cpe": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
    "extracted_events": [
        {
            "introduced": "5.5.0"
        },
        {
            "last_affected": "5.5.57"
        },
        {
            "introduced": "5.6.0"
        },
        {
            "last_affected": "5.6.37"
        },
        {
            "introduced": "5.7.0"
        },
        {
            "last_affected": "5.7.19"
        }
    ]
}

Affected versions

mysql-3.*
mysql-3.23.22-beta
mysql-3.23.28-gamma
mysql-3.23.30-gamma
mysql-3.23.31
mysql-3.23.32
mysql-3.23.33
mysql-3.23.36
mysql-4.*
mysql-4.0.2
mysql-4.0.4
mysql-5.*
mysql-5.1.4
mysql-5.5.15
mysql-5.5.19
mysql-5.5.23
mysql-5.5.25
mysql-5.5.27
mysql-5.5.44
mysql-5.5.47
mysql-5.5.49
mysql-5.5.57
mysql-5.6.37
mysql-5.7.19

Database specific

source
"https://storage.googleapis.com/osv-test-cve-osv-conversion/osv-output/CVE-2017-10268.json"