Detections
Analytics
MariaDB 10.2.0 < 10.2.19 Multiple Vulnerabilities
critical Nessus Plugin ID 121394
Language:
Synopsis
The remote database server is affected by multiple vulnerabilitiesDescription
The version of MariaDB running of remote host is 10.2.0 prior to 10.2.19. It is, therefore, affected by multiple vulnerabilitiesSolution
Upgrade to MariaDB version 10.2.19 or later.See Also
https://lists.askmonty.org/cgi-bin/mailman/listinfo/announce
https://mariadb.org/mariadb-10-2-19-now-available
https://mariadb.com/kb/en/mdb-10219-rn
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3143
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3156
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3162
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3173
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3174
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3185
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3200
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3277
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3282
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3284
https://jira.mariadb.org/browse/MDEV-12023
https://jira.mariadb.org/browse/MDEV-12547
https://jira.mariadb.org/browse/MDEV-12837
https://jira.mariadb.org/browse/MDEV-13564
https://jira.mariadb.org/browse/MDEV-13671
https://jira.mariadb.org/browse/MDEV-14585
https://jira.mariadb.org/browse/MDEV-14717
https://jira.mariadb.org/browse/MDEV-16980
https://jira.mariadb.org/browse/MDEV-17073
https://jira.mariadb.org/browse/MDEV-17215
https://jira.mariadb.org/browse/MDEV-17230
https://jira.mariadb.org/browse/MDEV-17289
https://jira.mariadb.org/browse/MDEV-17433
https://jira.mariadb.org/browse/MDEV-17491
https://jira.mariadb.org/browse/MDEV-17531
https://jira.mariadb.org/browse/MDEV-17532
https://jira.mariadb.org/browse/MDEV-17541
https://jira.mariadb.org/browse/MDEV-17545
Plugin Details
Severity: Critical
ID: 121394
File Name: mariadb_10_2_19.nasl
Version: 1.3
Type: remote
Family: Databases
Published: 1/25/2019
Updated: 5/25/2020
Supported Sensors: Frictionless Assessment Agent, Nessus
Risk Information
VPR
Risk Factor: Medium
Score: 6.7
CVSS v2
Risk Factor: High
Base Score: 7.5
Temporal Score: 5.5
Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS Score Source: CVE-2016-9843
CVSS v3
Risk Factor: Critical
Base Score: 9.8
Temporal Score: 8.5
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C
Vulnerability Information
CPE: cpe:/a:mariadb:mariadb
Exploit Ease: No known exploits are available
Patch Publication Date: 11/13/2018
Vulnerability Publication Date: 9/29/2016
Reference Information
CVE: CVE-2016-9843, CVE-2018-3143, CVE-2018-3156, CVE-2018-3162, CVE-2018-3173, CVE-2018-3174, CVE-2018-3185, CVE-2018-3200, CVE-2018-3251, CVE-2018-3277, CVE-2018-3282, CVE-2018-3284