AZL-6627

See a problem?

Import Source

https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6627.json

JSON Data

https://api.osv.dev/v1/vulns/AZL-6627

Upstream

CVE-2017-3615

Published

2017-04-24T19:59:06Z

Modified

2026-04-21T04:37:49.416210Z

Severity

7.0 (High) CVSS_V3 - CVSS:3.1/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H CVSS Calculator

Summary

CVE-2017-3615 affecting package libdb for versions less than 5.3.28-7

Details

Vulnerability in the Data Store component of Oracle Berkeley DB. The supported version that is affected is Prior to 6.2.32. Difficult to exploit vulnerability allows unauthenticated attacker with logon to the infrastructure where Data Store executes to compromise Data Store. Successful attacks require human interaction from a person other than the attacker. Successful attacks of this vulnerability can result in takeover of Data Store. CVSS 3.0 Base Score 7.0 (Confidentiality, Integrity and Availability impacts). CVSS Vector: (CVSS:3.0/AV:L/AC:H/PR:N/UI:R/S:U/C:H/I:H/A:H).

References

https://nvd.nist.gov/vuln/detail/CVE-2017-3615

Affected packages

Azure Linux:2 / libdb

Package

Name: libdb
Purl: pkg:rpm/azure-linux/libdb

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

5.3.28-7

Database specific

source

"https://github.com/microsoft/AzureLinuxVulnerabilityData/blob/main/osv/AZL-6627.json"