{"$ref":"https://www.cert.ssi.gouv.fr/openapi.json","affected_systems":[{"description":"Oracle MySQL Cluster versions 7.2.27 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Enterprise Backup versions 3.12.3 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Connectors versions 5.1.41 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Cluster versions 7.4.14 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Enterprise Monitor versions 3.2.1182 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Enterprise Backup versions 4.0.3 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Workbench versions 6.3.8 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Server versions 5.6.35 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Enterprise Monitor versions 3.1.6.8003 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Enterprise Monitor versions 3.3.2.1162 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Server versions 5.7.17 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Connectors versions 2.1.5 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Cluster versions 7.5.5 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Server versions 5.5.54 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}},{"description":"Oracle MySQL Cluster versions 7.3.16 et ant\u00e9rieures","product":{"name":"MySQL","vendor":{"name":"Oracle","scada":false}}}],"affected_systems_content":null,"content":"## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l'\u00e9diteur pour l'obtention des\ncorrectifs (cf. section Documentation).\n","cves":[{"name":"CVE-2017-3458","url":"https://www.cve.org/CVERecord?id=CVE-2017-3458"},{"name":"CVE-2017-3462","url":"https://www.cve.org/CVERecord?id=CVE-2017-3462"},{"name":"CVE-2017-3467","url":"https://www.cve.org/CVERecord?id=CVE-2017-3467"},{"name":"CVE-2017-3306","url":"https://www.cve.org/CVERecord?id=CVE-2017-3306"},{"name":"CVE-2017-3456","url":"https://www.cve.org/CVERecord?id=CVE-2017-3456"},{"name":"CVE-2016-3092","url":"https://www.cve.org/CVERecord?id=CVE-2016-3092"},{"name":"CVE-2017-3468","url":"https://www.cve.org/CVERecord?id=CVE-2017-3468"},{"name":"CVE-2016-2176","url":"https://www.cve.org/CVERecord?id=CVE-2016-2176"},{"name":"CVE-2017-3600","url":"https://www.cve.org/CVERecord?id=CVE-2017-3600"},{"name":"CVE-2017-3731","url":"https://www.cve.org/CVERecord?id=CVE-2017-3731"},{"name":"CVE-2017-3460","url":"https://www.cve.org/CVERecord?id=CVE-2017-3460"},{"name":"CVE-2016-6303","url":"https://www.cve.org/CVERecord?id=CVE-2016-6303"},{"name":"CVE-2017-3307","url":"https://www.cve.org/CVERecord?id=CVE-2017-3307"},{"name":"CVE-2017-3453","url":"https://www.cve.org/CVERecord?id=CVE-2017-3453"},{"name":"CVE-2017-3469","url":"https://www.cve.org/CVERecord?id=CVE-2017-3469"},{"name":"CVE-2017-3590","url":"https://www.cve.org/CVERecord?id=CVE-2017-3590"},{"name":"CVE-2017-3308","url":"https://www.cve.org/CVERecord?id=CVE-2017-3308"},{"name":"CVE-2017-3599","url":"https://www.cve.org/CVERecord?id=CVE-2017-3599"},{"name":"CVE-2017-3586","url":"https://www.cve.org/CVERecord?id=CVE-2017-3586"},{"name":"CVE-2017-3463","url":"https://www.cve.org/CVERecord?id=CVE-2017-3463"},{"name":"CVE-2017-3732","url":"https://www.cve.org/CVERecord?id=CVE-2017-3732"},{"name":"CVE-2017-3461","url":"https://www.cve.org/CVERecord?id=CVE-2017-3461"},{"name":"CVE-2017-3455","url":"https://www.cve.org/CVERecord?id=CVE-2017-3455"},{"name":"CVE-2017-3302","url":"https://www.cve.org/CVERecord?id=CVE-2017-3302"},{"name":"CVE-2017-3454","url":"https://www.cve.org/CVERecord?id=CVE-2017-3454"},{"name":"CVE-2017-3450","url":"https://www.cve.org/CVERecord?id=CVE-2017-3450"},{"name":"CVE-2017-3457","url":"https://www.cve.org/CVERecord?id=CVE-2017-3457"},{"name":"CVE-2017-3465","url":"https://www.cve.org/CVERecord?id=CVE-2017-3465"},{"name":"CVE-2017-3589","url":"https://www.cve.org/CVERecord?id=CVE-2017-3589"},{"name":"CVE-2017-3452","url":"https://www.cve.org/CVERecord?id=CVE-2017-3452"},{"name":"CVE-2017-3331","url":"https://www.cve.org/CVERecord?id=CVE-2017-3331"},{"name":"CVE-2017-3464","url":"https://www.cve.org/CVERecord?id=CVE-2017-3464"},{"name":"CVE-2017-3304","url":"https://www.cve.org/CVERecord?id=CVE-2017-3304"},{"name":"CVE-2017-5638","url":"https://www.cve.org/CVERecord?id=CVE-2017-5638"},{"name":"CVE-2017-3305","url":"https://www.cve.org/CVERecord?id=CVE-2017-3305"},{"name":"CVE-2017-3329","url":"https://www.cve.org/CVERecord?id=CVE-2017-3329"},{"name":"CVE-2017-3309","url":"https://www.cve.org/CVERecord?id=CVE-2017-3309"},{"name":"CVE-2017-3459","url":"https://www.cve.org/CVERecord?id=CVE-2017-3459"}],"links":[{"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril    2017","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html"},{"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18    avril 2017","url":"http://www.oracle.com/technetwork/security-advisory/cpuapr2017verbose-3236619.html#MSQL"}],"reference":"CERTFR-2017-AVI-122","revisions":[{"description":"version initiale.","revision_date":"2017-04-19T00:00:00.000000"}],"risks":[{"description":"D\u00e9ni de service \u00e0 distance"},{"description":"Ex\u00e9cution de code arbitraire \u00e0 distance"},{"description":"Atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es"},{"description":"Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"}],"summary":"De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans <span\nclass=\"textit\">Oracle MySQL</span>. Certaines d'entre elles permettent \u00e0\nun attaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance,\nun d\u00e9ni de service \u00e0 distance et une atteinte \u00e0 l'int\u00e9grit\u00e9 des donn\u00e9es.\n","title":"Multiples vuln\u00e9rabilit\u00e9s dans Oracle MySQL","vendor_advisories":[{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017verbose-3236619 du 18 avril 2017","url":null},{"published_at":null,"title":"Bulletin de s\u00e9curit\u00e9 Oracle cpuapr2017-3236618 du 18 avril 2017","url":null}]}