Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Server: Replication). Supported versions that are affected are 5.5.59 and prior, 5.6.39 and prior and 5.7.21 and prior. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where MySQL Server executes to compromise MySQL Server. Successful attacks require human interaction from a person other than the attacker and while the vulnerability is in MySQL Server, attacks may significantly impact additional products. Successful attacks of this vulnerability can result in takeover of MySQL Server. CVSS 3.0 Base Score 7.7 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:C/C:H/I:H/A:H).
{ "vanir_signatures": [ { "deprecated": false, "target": { "function": "alter_close_tables", "file": "sql/sql_partition.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "231123461649866527768674208945148404874", "length": 343.0 }, "id": "CVE-2018-2755-001e3e3f", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_table.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "98623316213409793617979516151021505920", "150315841134420593989189694594199170377", "74220954711237228064095972947703663116", "154305823820827940419984535907620929865", "289479147918564409745345395754297148013", "308070364756342782418773016799218524736", "161552418692699585795449739961602993853", "85487136929008508869923944773295623492", "275388682514445710893178814805171875110", "178809449813359038226666686323941628709", "119949744805440180132144973758597620903", "185511711288508735090102321271938712463", "123105818852375417367735793496370373956", "39420389331847669276740398348823056549", "287683927221303284220379719752010569258", "151172545567567784782157395451800999432", "250515250401651252803798436142034922095", "140575188252870095998821594577623132738", "110147739517200557046208775879364660604", "199070321020541592119258315719848103148" ] }, "id": "CVE-2018-2755-20248fe9", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "close_cached_tables", "file": "sql/sql_base.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "307547925058980154024824836833721480709", "length": 2516.0 }, "id": "CVE-2018-2755-24f2c1ba", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_base.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "19159825664530579448457382607599790985", "219641044277283784788035118736380523644", "58718184368927826411468608788623464271", "16531678164178269163773668188517326459", "306008785078093896767990199558236913553", "154321874791254813302235133160438739629", "47410171087885668586724438919720239358", "149576705647977492009294619323259281896", "120752287782577720187839525419105292409", "122648421302786558836472958225028865329", "74684100635662149771157483139565709120", "331500074359127820532341549682819740334", "145533971336799931076766909971236426736", "25993982317811094185796442155468024435", "241257698469144830092333010133194498943", "139296395445375594353912733722447648149", "338045279117053075942898738633579988776", "113930363466154712277001444097963236746", "178735082132599490753945704487387552470", "139590559789982818246547745039844995009", "216384293083677055841794255037151567255", "189504152669391006592752965488127884946", "60227878159953189981448899199680952782", "189466702747004673588972952417441532325", "1299079623696277756489701288817884925" ] }, "id": "CVE-2018-2755-252e9a82", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "mysql_rm_table_no_locks", "file": "sql/sql_table.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "181946487599166129287471157698235931442", "length": 6584.0 }, "id": "CVE-2018-2755-254a3726", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_truncate.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "248268375571264674713868657641409635309", "6756541203236256621229262233475091335", "288477169696598487647479116107449431283", "38338874926378347984271477663154559707", "156349013963660213813034118648638470744" ] }, "id": "CVE-2018-2755-3598bd1a", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "file": "sql/sql_trigger.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "229668877858838427304667685812534150080", "71733128727302034242409639618612353324", "37303647763763701285109014035231688514", "240746509587050914626403293229669116841", "49187661201700155029618977023580532144" ] }, "id": "CVE-2018-2755-42c280ea", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "file": "sql/sql_table.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "98623316213409793617979516151021505920", "150315841134420593989189694594199170377", "74220954711237228064095972947703663116", "154305823820827940419984535907620929865", "289479147918564409745345395754297148013", "308070364756342782418773016799218524736", "161552418692699585795449739961602993853", "85487136929008508869923944773295623492", "275388682514445710893178814805171875110", "178809449813359038226666686323941628709", "119949744805440180132144973758597620903", "185511711288508735090102321271938712463", "123105818852375417367735793496370373956", "39420389331847669276740398348823056549", "287683927221303284220379719752010569258", "151172545567567784782157395451800999432", "250515250401651252803798436142034922095", "140575188252870095998821594577623132738", "110147739517200557046208775879364660604", "199070321020541592119258315719848103148" ] }, "id": "CVE-2018-2755-43a8dcf4", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "mysql_alter_table", "file": "sql/sql_table.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "226020517142138691716213710526843560222", "length": 22039.0 }, "id": "CVE-2018-2755-49548691", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_admin.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "17803114805012787919203676656937789911", "157325619074821773502102572840272271369", "221252887105973422343886302901183412828", "228081691773921474700907818304973924665", "91687825008507014556510061127450564608" ] }, "id": "CVE-2018-2755-499b0792", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "alter_partition_lock_handling", "file": "sql/sql_partition.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "212848505831477462977019393544916051051", "length": 414.0 }, "id": "CVE-2018-2755-503f9563", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "Truncate_statement::lock_table", "file": "sql/sql_truncate.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "165487064594079959249880768453359126541", "length": 1199.0 }, "id": "CVE-2018-2755-59b80242", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "Truncate_statement::lock_table", "file": "sql/sql_truncate.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "165487064594079959249880768453359126541", "length": 1199.0 }, "id": "CVE-2018-2755-60c69894", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_partition.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "733665378926861439603144577900355062", "180153685388187958939941610026288092376", "177249787923084198955959010311328384722", "331186826889024573165155955077766627707", "158274671428071215887037664373851655352", "18922941291621657244684992560598003226", "91644651387436945530500251138718183135", "35460528332965259364523146539808523513", "140927666597852594906838227922529625202" ] }, "id": "CVE-2018-2755-62296843", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "file": "sql/sql_base.h" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "300406142040319082123527811638963238003", "199040959749600054709747629370655091601", "210529970254800422777482044429507215811", "144932245513799295406022564055704306037", "152800187986008570736973837847258222597" ] }, "id": "CVE-2018-2755-7017c1ca", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "prepare_for_repair", "file": "sql/sql_admin.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "42645391966692858134861268056434167785", "length": 3163.0 }, "id": "CVE-2018-2755-78b58b53", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_base.h" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "300406142040319082123527811638963238003", "199040959749600054709747629370655091601", "210529970254800422777482044429507215811", "144932245513799295406022564055704306037", "152800187986008570736973837847258222597" ] }, "id": "CVE-2018-2755-91fd7150", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "alter_partition_lock_handling", "file": "sql/sql_partition.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "212848505831477462977019393544916051051", "length": 414.0 }, "id": "CVE-2018-2755-93a757d6", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_trigger.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "229668877858838427304667685812534150080", "71733128727302034242409639618612353324", "37303647763763701285109014035231688514", "240746509587050914626403293229669116841", "49187661201700155029618977023580532144" ] }, "id": "CVE-2018-2755-97a4919b", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "close_all_tables_for_name", "file": "sql/sql_base.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "254666496295307123912805047719032398588", "length": 848.0 }, "id": "CVE-2018-2755-9f23597f", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "close_cached_tables", "file": "sql/sql_base.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "307547925058980154024824836833721480709", "length": 2516.0 }, "id": "CVE-2018-2755-a13dc76b", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "mysql_create_or_drop_trigger", "file": "sql/sql_trigger.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "228120291487408690622172994366016631962", "length": 3133.0 }, "id": "CVE-2018-2755-ab1f86a2", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "alter_close_tables", "file": "sql/sql_partition.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "231123461649866527768674208945148404874", "length": 343.0 }, "id": "CVE-2018-2755-ae7932d2", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_truncate.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "248268375571264674713868657641409635309", "6756541203236256621229262233475091335", "288477169696598487647479116107449431283", "38338874926378347984271477663154559707", "156349013963660213813034118648638470744" ] }, "id": "CVE-2018-2755-b895f219", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "file": "sql/sql_admin.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "17803114805012787919203676656937789911", "157325619074821773502102572840272271369", "221252887105973422343886302901183412828", "228081691773921474700907818304973924665", "91687825008507014556510061127450564608" ] }, "id": "CVE-2018-2755-c858a297", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "file": "sql/sql_partition.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "733665378926861439603144577900355062", "180153685388187958939941610026288092376", "177249787923084198955959010311328384722", "331186826889024573165155955077766627707", "158274671428071215887037664373851655352", "18922941291621657244684992560598003226", "91644651387436945530500251138718183135", "35460528332965259364523146539808523513", "140927666597852594906838227922529625202" ] }, "id": "CVE-2018-2755-cba571dd", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "mysql_create_or_drop_trigger", "file": "sql/sql_trigger.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "228120291487408690622172994366016631962", "length": 3133.0 }, "id": "CVE-2018-2755-cc71138f", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "prepare_for_repair", "file": "sql/sql_admin.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "42645391966692858134861268056434167785", "length": 3163.0 }, "id": "CVE-2018-2755-d7a5c234", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "mysql_rm_table_no_locks", "file": "sql/sql_table.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "181946487599166129287471157698235931442", "length": 6584.0 }, "id": "CVE-2018-2755-d85f9310", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "function": "close_all_tables_for_name", "file": "sql/sql_base.cc" }, "source": "https://github.com/mysql/mysql-server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "254666496295307123912805047719032398588", "length": 848.0 }, "id": "CVE-2018-2755-d9e2b636", "signature_version": "v1", "signature_type": "Function" }, { "deprecated": false, "target": { "file": "sql/sql_base.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "threshold": 0.9, "line_hashes": [ "19159825664530579448457382607599790985", "219641044277283784788035118736380523644", "58718184368927826411468608788623464271", "16531678164178269163773668188517326459", "306008785078093896767990199558236913553", "154321874791254813302235133160438739629", "47410171087885668586724438919720239358", "149576705647977492009294619323259281896", "120752287782577720187839525419105292409", "122648421302786558836472958225028865329", "74684100635662149771157483139565709120", "331500074359127820532341549682819740334", "145533971336799931076766909971236426736", "25993982317811094185796442155468024435", "241257698469144830092333010133194498943", "139296395445375594353912733722447648149", "338045279117053075942898738633579988776", "113930363466154712277001444097963236746", "178735082132599490753945704487387552470", "139590559789982818246547745039844995009", "216384293083677055841794255037151567255", "189504152669391006592752965488127884946", "60227878159953189981448899199680952782", "189466702747004673588972952417441532325", "1299079623696277756489701288817884925" ] }, "id": "CVE-2018-2755-f89e984c", "signature_version": "v1", "signature_type": "Line" }, { "deprecated": false, "target": { "function": "mysql_alter_table", "file": "sql/sql_table.cc" }, "source": "https://github.com/mariadb/server/commit/c0b4d74b52e7eec9b13af732193f7f8d7abe05de", "digest": { "function_hash": "226020517142138691716213710526843560222", "length": 22039.0 }, "id": "CVE-2018-2755-fce8cd3f", "signature_version": "v1", "signature_type": "Function" } ] }