Message Image

Skip main navigation (Press Enter).

Layer7 API Management

Back to discussions

Expand all | Collapse all

Vulnerability : CVE-2017-3599 in api gateway

Anon AnonMay 23, 2019 08:26 AM

Hi, I am working for one customer he is facing vulnerability error in MySql. Is this vulnerability ...

Seiji MoriyamaMay 23, 2019 08:31 PM

Hello Venkat, As long as I checked the CVE-2017-3599 on the following Oracle web page, API Gateway ...

1. Vulnerability : CVE-2017-3599 in api gateway

0 Recommend
Anon Anon
Posted May 23, 2019 08:26 AM

Reply Reply Privately
Hi,

I am working for one customer he is facing vulnerability error in MySql. Is this vulnerability is fixed by the team. I checked the txt. file in products download and I did not find this vulnerability number in the .txt file. Can anybody help me on this.
Vulnerability number is : CVE-2017-3599
2. Re: Vulnerability : CVE-2017-3599 in api gateway

0 Recommend
Broadcom Employee

Seiji Moriyama
Posted May 23, 2019 08:31 PM

Reply Reply Privately
Hello Venkat,

As long as I checked the CVE-2017-3599 on the following Oracle web page, API Gateway 9.3 and 9.4 are NOT affected by the vulnerability.

https://www.oracle.com/technetwork/security-advisory/cpuapr2017-3236618.html

CVE-2017-3599 MySQL Server Server: Pluggable Auth MySQL Protocol Yes 7.5 Network Low None None Un-
changed None None High 5.6.35 and earlier, 5.7.17 and earlier

[API Gateway 9.3]
# rpm -q mysql-commercial-server
mysql-commercial-server-5.7.20-1.1.el6.x86_64

[API Gateway 9.4]
# rpm -q mysql-commercial-server
mysql-commercial-server-5.7.23-1.1.el6.x86_64

Both versions are newer than the affected versions.

Best regards,
Seiji

Copyright 2023. All rights reserved.

Powered by Higher Logic