PatchSiren

PatchSiren cyber security CVE debrief

CVE-2017-3313 Redhat CVE debrief

CVE-2017-3313 is a MySQL Server vulnerability in the MyISAM subcomponent that can let a low-privileged attacker with logon access to the host compromise the MySQL Server process. Oracle’s description and the NVD record both emphasize confidentiality impact: successful attacks can expose critical data or all data accessible to MySQL Server. NVD rates the issue as local, high-complexity, low-privilege, no-user-interaction, with high confidentiality impact only.

Vendor: Redhat
Product: CVE-2017-3313
CVSS: MEDIUM 4.7
CISA KEV: Not listed in stored evidence
Original CVE published: 2017-01-27
Original CVE updated: 2026-05-13
Advisory published: 2017-01-27
Advisory updated: 2026-05-13

Who should care

Database administrators, Linux/host administrators, and platform teams running Oracle MySQL Server or downstream packaged builds that may include the affected versions. Security teams should also care where host login access is broader than intended, because the attack requires local access on the machine running MySQL.

Technical summary

The affected component is Oracle MySQL Server: MyISAM. The CVE description states that versions 5.5.53 and earlier, 5.6.34 and earlier, and 5.7.16 and earlier are affected. The NVD CVSS vector is CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:N/A:N, indicating a local attack with high complexity and high confidentiality impact, but no integrity or availability impact in the base scoring.

Defensive priority

Medium priority: the attack requires local logon access and is rated difficult to exploit, but the confidentiality impact can be severe because it may expose all data accessible to the MySQL Server process.

Recommended defensive actions

  • Inventory Oracle MySQL Server deployments and verify whether any instance is at or below 5.5.53, 5.6.34, or 5.7.16.
  • Apply the vendor or downstream package update that remediates CVE-2017-3313; NVD lists Oracle CPU Jan 2017 and multiple downstream advisories/errata as references.
  • Restrict local shell and login access on systems running MySQL to reduce the number of users who could reach the vulnerable server process.
  • Review host access controls and administrative group membership for systems that run MySQL Server.
  • Confirm that any packaged or distribution-maintained MySQL/MariaDB builds are on versions outside the affected ranges before considering the issue closed.
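One way to run the inventory check from the first and last bullets, as an added example that is not PatchSiren's, Oracle's or any distribution's code: a small Python helper that classifies SELECT VERSION() / mysqld --version strings against the three affected ranges named above. The function names, the sample inventory and the MariaDB handling are this example's own assumptions; a distribution package may carry a backported fix without a version bump, so an "affected" result is a prompt to check that package's advisory or errata, not a final verdict.

```python
import re
from typing import Dict, Optional, Tuple
# Affected ceilings per branch, from the CVE description:
# 5.5.53 and earlier, 5.6.34 and earlier, 5.7.16 and earlier.
AFFECTED_CEILINGS = {(5, 5): 53, (5, 6): 34, (5, 7): 16}

# Leading major.minor.patch triple; distro suffixes such as "-log" or
# "-0ubuntu0.16.04.1" after it are ignored.
_VERSION_RE = re.compile(r"^(\d+)\.(\d+)\.(\d+)")

def parse_version(version_string: str) -> Optional[Tuple[int, int, int]]:
    """Return (major, minor, patch) from a SELECT VERSION() string, or None."""
    m = _VERSION_RE.match(version_string.strip())
    if not m:
        return None
    major, minor, patch = (int(x) for x in m.groups())
    return (major, minor, patch)

def assess(version_string: str) -> str:
    """Classify one version string against the CVE-2017-3313 ranges.

    'affected'    - inside a listed range
    'fixed'       - same branch, later than the listed ceiling
    'not-listed'  - branch not named in the CVE (e.g. 8.0), or MariaDB,
                    whose release numbering is independent of MySQL's
    'unparseable' - no version triple found
    """
    if "mariadb" in version_string.lower():
        return "not-listed"
    v = parse_version(version_string)
    if v is None:
        return "unparseable"
    major, minor, patch = v
    ceiling = AFFECTED_CEILINGS.get((major, minor))
    if ceiling is None:
        return "not-listed"
    return "affected" if patch <= ceiling else "fixed"

def assess_inventory(inventory: Dict[str, str]) -> Dict[str, str]:
    """Map host -> classification for a {host: version string} inventory."""
    return {host: assess(ver) for host, ver in inventory.items()}

# Constructed sample inventory (hypothetical host names and versions).
SAMPLE_INVENTORY = {"db-01": "5.7.16-log", "db-02": "5.7.17-0ubuntu0.16.04.1",
                    "db-03": "5.6.34", "db-04": "10.1.21-MariaDB", "db-05": "8.0.11"}

if __name__ == "__main__":
    for host, verdict in assess_inventory(SAMPLE_INVENTORY).items():
        print(f"{host}: {verdict}")
```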

Evidence notes

This debrief is based on the supplied CVE description, the NVD CVSS vector, and the references listed in the source corpus. The CVE text explicitly says the vulnerability affects Oracle MySQL Server MyISAM and can be exploited by a low-privileged attacker with logon to the infrastructure where MySQL Server executes. The NVD metadata provides the affected version ranges and the confidentiality-only CVSS base impact. The source corpus also lists Oracle and downstream distribution advisories as mitigation references. The supplied vendor field points to Redhat, but the CVE description itself identifies Oracle MySQL Server as the affected product; that mismatch is noted as a data-quality concern rather than treated as fact.

Official resources

Publicly disclosed in the CVE/NVD record on 2017-01-27, with the source record later modified on 2026-05-13. The issue was already represented in vendor and downstream advisory references in the source corpus.