{"id":"CVE-2017-3600","details":"Vulnerability in the MySQL Server component of Oracle MySQL (subcomponent: Client mysqldump). Supported versions that are affected are 5.5.54 and earlier, 5.6.35 and earlier and 5.7.17 and earlier. Difficult to exploit vulnerability allows high privileged attacker with network access via multiple protocols to compromise MySQL Server. Successful attacks of this vulnerability can result in takeover of MySQL Server. Note: CVE-2017-3600 is equivalent to CVE-2016-5483. CVSS 3.0 Base Score 6.6 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H).","modified":"2026-04-11T04:14:30.675050Z","published":"2017-04-24T19:59:06.003Z","related":["SUSE-SU-2017:1137-1"],"references":[{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2927.html"},{"type":"ADVISORY","url":"http://rhn.redhat.com/errata/RHSA-2016-2928.html"},{"type":"ADVISORY","url":"http://www.debian.org/security/2017/dsa-3834"},{"type":"ADVISORY","url":"http://www.securityfocus.com/bid/97765"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2192"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2787"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1038287"},{"type":"ADVISORY","url":"https://access.redhat.com/errata/RHSA-2017:2886"},{"type":"FIX","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"}],"affected":[{"ranges":[{"type":"GIT","repo":"https://github.com/mariadb/server","events":[{"introduced":"776555af021e917ce0d6235386b43ae59fdd5161"},{"fixed":"c7e1c89070e34e13cb4a3e947021b91fb211959a"},{"introduced":"c235de12ae3723b96944337bd89ad9cc87f21d8f"},{"fixed":"5fda340dc378a8542d55d4734d68fcc918549175"}],"database_specific":{"versions":[{"introduced":"10.0.0"},{"fixed":"10.0.28"},{"introduced":"10.1.0"},{"fixed":"10.1.19"}]}},{"type":"GIT","repo":"https://github.com/mysql/mysql-server","events":[{"introduced":"54df0057e18d8c82c23fbd4e0bf5b5dc2e762955"},{"last_affected":"c8f0eeb9c8596be83fefb7fef9f9871e53edb020"},{"introduced":"0"},{"last_affected":"d61eb03ba1b8478d6cb09969ca6c38f330a93178"},{"introduced":"0"},{"last_affected":"23032807537d8dd8ee4ec1c4d40f0633cd4e12f9"},{"introduced":"0"},{"last_affected":"ae41ce7c4ecff5e1e336ab768867370b8c94e02d"},{"introduced":"0"},{"last_affected":"270fd3411e3d671a73ed9725940a30080f59ce6d"},{"introduced":"54df0057e18d8c82c23fbd4e0bf5b5dc2e762955"},{"fixed":"5c6169fb309981b564a17bee31b367a18866d674"}],"database_specific":{"versions":[{"introduced":"5.5.0"},{"last_affected":"5.5.54"},{"introduced":"5.6.0"},{"last_affected":"5.6.35"},{"introduced":"5.7.0"},{"last_affected":"5.7.17"},{"introduced":"0"},{"last_affected":"7.5"},{"introduced":"0"},{"last_affected":"8.0"},{"introduced":"5.5.0"},{"fixed":"5.5.53"}]}}],"versions":["mariadb-10.1.0","mariadb-10.1.10","mariadb-10.1.11","mariadb-10.1.12","mariadb-10.1.13","mariadb-10.1.14","mariadb-10.1.15","mariadb-10.1.16","mariadb-10.1.17","mariadb-10.1.18","mariadb-10.1.2","mariadb-10.1.3","mariadb-10.1.4","mariadb-10.1.5","mariadb-10.1.6","mariadb-10.1.7","mariadb-10.1.8","mariadb-10.1.9","mysql-3.23.22-beta","mysql-3.23.28-gamma","mysql-3.23.30-gamma","mysql-3.23.31","mysql-3.23.32","mysql-3.23.33","mysql-3.23.36","mysql-4.0.2","mysql-4.0.4","mysql-5.1.4","mysql-5.5.15","mysql-5.5.19","mysql-5.5.23","mysql-5.5.25","mysql-5.5.27","mysql-5.5.44","mysql-5.5.47","mysql-5.5.49","mysql-5.5.54","mysql-5.6.35","mysql-5.7.17","mysql-8.0.0","mysql-cluster-7.5.0"],"database_specific":{"unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.4"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.6"}]},{"events":[{"introduced":"0"},{"last_affected":"7.0"}]}],"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2017-3600.json","vanir_signatures_modified":"2026-04-11T04:14:30Z","vanir_signatures":[{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/src/dsa.cpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-16309383","digest":{"threshold":0.9,"line_hashes":["27571705349062833614647760893496044336","78771796107740532374490499457830324695","120578194889014923680807625039010635265","135088757692530492349262990501234869028","24072023284988850243682809519563112844","120005068937601140862107858184562872966","260063822707606933862410065697364883878","236062141176887460477246135446060800205","286672892299119387033461806235021450979","157714852908868140025972504380263098261","114641232715583468084142385911444831720","69276216599412265049175980777734763571","170592877916405225706016913399260476360","177753258363415232361704011645183603111","123664854196404269903405231197206633542","202409716012092143514321397460482976142","328426962999468103313738018515576390025","323660820053321441626379586838989392048","127526685723350749881658215406802681286"]},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/testsuite/test.hpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-23d82c5d","digest":{"threshold":0.9,"line_hashes":["260296244902971261802720555360809359823","30405574680226101553559255420622667700","277594633184144642705484530822473055073","123280552561545619808770193268172633225","198819465042066639208092273497418738951","224698105575734514423776560057209954234","239498978375112896317888407946045343064"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/src/aes.cpp","function":"AES::decrypt"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-3ea181a2","digest":{"length":2451,"function_hash":"337172653804081826321558406765647050012"},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/src/ssl.cpp","function":"SSL_CTX_load_verify_locations"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-408a8637","digest":{"length":1374,"function_hash":"252878667099131724046219752696552634821"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/src/asn.cpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-428c916a","digest":{"threshold":0.9,"line_hashes":["12676883504511537836851805335014753808","86136441707145107582468336730071721454","46643955776531662508654064107771652873","172972673225973510662718861007243129838","275343746346763911448027270551344869565","10297607360291887188560439449189586569","211521935183401188011828528869536424135","100150659346379226672029181519823470514","288274714760033336927670667098226370369","214199882774538904135010998618109411777","92337325655948714199455945896033189499","57014488008186237883100103703934297638","84126274488470187202787044900261175912","111333295085031655754229734444751829035","61962066648739223212612672648013308043","229492336105276644856204714600300160847","113084869126643113302068417067826512376","299154821588885036960892465929762153496","283125995140277259790258693162340854727","246517317723567547270138790342654521222","99088709429725408647881407045182195000","80085837606925223301246847297422708838","8551926963117930886619275831029695784","214199882774538904135010998618109411777","92337325655948714199455945896033189499","57014488008186237883100103703934297638","84126274488470187202787044900261175912","117201876138826172575324038836130717949"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/src/aes.cpp","function":"AES::encrypt"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-5837405e","digest":{"length":2451,"function_hash":"728183293021834611339860234177000739"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/include/integer.hpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-74d468d1","digest":{"threshold":0.9,"line_hashes":["219858337265926406658680749168317775879","153107872601448502068346832751238704539","124703938118287303300239150580652446722"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/test/test.cpp","function":"dsa_test"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-813baceb","digest":{"length":824,"function_hash":"213592199788100431042475750871063750630"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/test/test.cpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-9ba10711","digest":{"threshold":0.9,"line_hashes":["109940146623213597127416344504195445920","178907656867341753480198445922813818294","170876148487812625180233078189474774583"]},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/src/aes.cpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-a7a1f11a","digest":{"threshold":0.9,"line_hashes":["223067653392003212450507478840756034621","93617066226238403617727920501644660729","193336018462189776418408921633453082801","193134509690167489205734594178786066129","172425360142677997406462195311018753875","186384674305768235627419791481574400483","39928454643421910359841654837861230822","10761398357987236213074074273409848731","224916636199067661022290174328061399595","18208252032027610571993856056774956220","193134509690167489205734594178786066129","172425360142677997406462195311018753875","327033326097476378301836321025686644896","263897874153606794454930923731666872815","267473517707453032834092628954243546635","200207021105063845114115288213790768313","259522625962342089521608156764998868597","193134509690167489205734594178786066129","172425360142677997406462195311018753875","339162108105785442675766640857874740473","153194116579274492521135321065994399600","219077486271258513313861941702607488888","328017932113822413363297036819575357072","337015865612683690149238714302334617171","204902358041369013557637977602638202498","263233004976219612700185072569973143462","154020917109266453001990368762727201028","92938675128456456736199012338765255481","38295276621637429394924950198348869450","189010564978149824054804340353632956577","311210749345081922507269171717758520905","286167862012695373063328451682703640796","273752068753994636856629160575293345864","64668351539709595463781363073128387710","166439414309524937614626480072704382163","262005695227308833548638754864217849718","285950563184450313150897710221861489581","3366409311708711104038542109775274988","75601355935721183894876477348089942121","19803742203259992571622852249875403308","301486783318890606555859033012332113492","124517857898899663147477943316721002743","106784292021873479735280307600791797387","262435946751685800108222337752138831297","150775426765799237424225011556466973689","187174685220199525476647687155969700860","294834498461652211655057333331732179453","209972186373880922434929996476549330679","109384549182536858935281626318542921027","207110826032374882538032271938403866571","104657096013835029032163004332040714449","294896457986895919182832226343696242139","48962930346254390827508422581141183049","76983499031709058294821939991529866663","145027954154122629214453112368135312533","125659387657434322973258658506070093444","73571176348389143489518085702960925739","274799108653157050573186130828248710172","95124426710618474534023728051629026047","47682113758494744654768264271911770688","324796843092667647785724485599737372338","161837422532990043723030660375456147471","106268582748406294363932988797279932175","282199794726633465729041517430315014632","99613529444952565243351122897591030160","308229532130884302233209140882444752462","291984063059212174860872822099714483255","56342951682693601113942196334323507647","20017584132002408405515174739244918450","235920063662158656238161049400385150362","69120084662953379899613308582369856735","338483630246957269758548717819480772524","66747512105425943037484083806448481149","41047173691402973238264782203032458348","299112516688473007500157482844400510262","33463999890227763018858938008944461479","86393891186148688119549046340014426817","185224896699651938478771843008135509104","104657096013835029032163004332040714449","294896457986895919182832226343696242139","48962930346254390827508422581141183049","16556935342544095098857937677580415226","299576551892697205420000073852902100667","51759539427901764668998233304358541049","257860356608075891903849784135060802603","272435428706590786368556138779335477433","275496233108238068985852159713352102253","256503603347710931586155178431906413795","313814195548518199850219855124796518768","130584669077603322150606990762974630985","224020459186115790807424395684255488008","98725289852036173039378484968505347146","207530094435774389811202604740913353712","122277431994682046795539797629370230730","129162500164145957857582884858699856924","319410514301779992564918567152495154197","81747081506829517816717635142167096057","15825054801550814933335554706261047523","258278349185096058324849522312777063066","191755811826453695614656690810774776138","293578062556788706289153707718803143215","237819455529421121496538103594260912061","204814026699695728769461553017458437004","132448784357194984854532757894594214395","29058158174151767596607087530306204038","164734653739230791861081978125361053635","179178492860704142023623449479825194280","107904640789828739422116084231704224533","338646717611491012888505696977143899332","233654292260906232852928658108163901253","114063507210431759221188445653255106082","318745302091903411061039083338920246574","271765554434741473499696143854575062096","219034126472572493354846236939678810483","89963488858433858919558080692377039767","76036661406842205137921227456722431867","78540722709433042817811516899314657221","19118470247083143655755567600330422643"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/src/aes.cpp","function":"AES::SetKey"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-ba2ee6d7","digest":{"length":3466,"function_hash":"272218913085348910714036016742601871139"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/src/ssl.cpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-c0680dff","digest":{"threshold":0.9,"line_hashes":["32100353554160543732080883403124258992","290569026164006778547815435628065200165","258442848204447786451295588359949716190","98277120276308195672628407509406378672","162435445927849077550109136270101652160","35822698881750550102206871189368629402","108569226848823210529387873536958036884","46281803370607395395293880119817583379","271687616682573768616431666775409812276","256323083316054677813492782464344239691","48264812720442742275793273971235439474","182783618655362344646850693486587946231","66737817048051724168385139876003807232","153547295418405273173585051821775977034","148908150430917335378484553013665669787","79526610973970829089378993300620523361","88757035158300063856435071289855283886","87616902804490942440208572340715558146","111005516932060430312236170993537565518","156147923078029645420379496135073182205","173069396567099316446653360770198792934","210305349753640699355786011252809928874","179470784044710329790498199270407503042","335755587937614080846263795614383566096","38276430112918669882678159424307374886","325448562210503713956871907254693105708","254686314993658253925850175951187902595","235948386225949634233095070190846287657","123395729275390372521915299902473186045","35648007523601308873762040816302975605","90287281908967504685872700763225495593","137429321373608445514199054012898493277","669958741311746222362873547138931240","29982635227015559101645597866496550156","181844108383957324171057084626587476227","164601828113005156590474916938380942771"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/src/dsa.cpp","function":"DSA_Signer::Sign"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-f025212f","digest":{"length":777,"function_hash":"246944363977155590390252587408785106057"},"signature_version":"v1","deprecated":false},{"signature_type":"Line","target":{"file":"extra/yassl/taocrypt/include/aes.hpp"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-f1a20ab2","digest":{"threshold":0.9,"line_hashes":["9362527860081038730679062657920569910","130063748085186192520963433580033484435","299991285686314971775930863677344494765","266237999458203397717558546496633500977","194548897794550161833220851076800115659","34594893204094559856573712408920554047","260593162059822826695920954357842913080","174922547085331436611787888998238953995","125893945187416822134617104117787379689","323351437525602750245601853115422984974"]},"signature_version":"v1","deprecated":false},{"signature_type":"Function","target":{"file":"extra/yassl/taocrypt/src/asn.cpp","function":"DecodeDSA_Signature"},"source":"https://github.com/mysql/mysql-server/commit/5c6169fb309981b564a17bee31b367a18866d674","id":"CVE-2017-3600-fbbc082b","digest":{"length":998,"function_hash":"176264138956671344582971388523892605290"},"signature_version":"v1","deprecated":false}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:H/A:H"}]}