Layer7 API Management

 View Only
  • 1.  Vulnerability  : CVE-2017-3599 in api gateway

    Posted May 23, 2019 08:26 AM



    I am working for one customer he is facing vulnerability error in MySql. Is this vulnerability is fixed by the team. I checked the txt. file in products download and I did not find this vulnerability number in the .txt file. Can anybody help me on this. 

    Vulnerability number is : CVE-2017-3599

  • 2.  Re: Vulnerability  : CVE-2017-3599 in api gateway

    Broadcom Employee
    Posted May 23, 2019 08:31 PM

    Hello Venkat,


    As long as I checked the CVE-2017-3599 on the following Oracle web page, API Gateway 9.3 and 9.4 are NOT affected by the vulnerability.



    CVE-2017-3599MySQL ServerServer: Pluggable AuthMySQL ProtocolYes7.5NetworkLowNoneNoneUn-
    NoneNoneHigh5.6.35 and earlier, 5.7.17 and earlier 


    [API Gateway 9.3]
    # rpm -q mysql-commercial-server


    [API Gateway 9.4]
    # rpm -q mysql-commercial-server


    Both versions are newer than the affected versions.


    Best regards,