Detections
Analytics
MariaDB 10.0.0 < 10.0.37 Multiple Vulnerabilities
critical Nessus Plugin ID 121191
Language:
Synopsis
The remote database server is affected by multiple vulnerabilitiesDescription
The version of MariaDB running of remote host is 10.0.0 prior to 10.0.37. It is, therefore, affected by multiple vulnerabilitiesSolution
Upgrade to MariaDB version 10.0.37 or later.See Also
https://lists.askmonty.org/cgi-bin/mailman/listinfo/announce
https://mariadb.org/mariadb-10-0-37-now-available/
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3251
https://jira.mariadb.org/browse/MDEV-17533
https://jira.mariadb.org/browse/MDEV-17532
https://jira.mariadb.org/browse/MDEV-17531
https://jira.mariadb.org/browse/MDEV-16465
https://jira.mariadb.org/browse/MDEV-12547
Plugin Details
Severity: Critical
ID: 121191
File Name: mariadb_10_0_37.nasl
Version: 1.4
Type: remote
Family: Databases
Published: 1/16/2019
Updated: 11/18/2022
Supported Sensors: Frictionless Assessment Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2016-9843
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:mariadb:mariadb
Exploit Ease: No known exploits are available
Patch Publication Date: 11/1/2018
Vulnerability Publication Date: 11/1/2018
Reference Information
CVE: CVE-2016-9843, CVE-2018-3143, CVE-2018-3156, CVE-2018-3174, CVE-2018-3251, CVE-2018-3282, CVE-2019-2503