MySQL Vulnerability in Gateway 11.0
search cancel

MySQL Vulnerability in Gateway 11.0

book

Article ID: 394181

calendar_today

Updated On: 04-14-2025

Products

CA API Gateway

Issue/Introduction

A vulnerability has been flagged for version 11.0 with Feb monthly patch applied. The plan is to upgrade to 11.1.1 in the next few weeks. Which monthly patch addresses the below vulnerability:

 

<GATEWAY_HOST>

<GATEWAY_IP>

Oracle MySQL Server October 2024 Critical Patch Update (CPUOCT2024)

Overdue

2-High

Refer to vendor advisory <A HREF="https://www.oracle.com/security-alerts/cpuoct2024.html#AppendixMSQL" TARGET="_blank">Oracle MySQL OCT 2024 </A> for patch details and further information.<BR>
<P>Patch:<BR>
Following are links for downloading patches to fix the vulnerabilities:
<P> <A HREF="https://www.oracle.com/security-alerts/cpuoct2024.html" TARGET="_blank">CPUOCT2024</A>

This Critical Patch Update contains patches for  8.0.x and 8.x.y oracle MySQL server<P>

Affected Versions:<BR>
MySQL Server versions 8.0.39 and prior<BR>
MySQL Server versions 8.4.2 and prior<BR>
MySQL Server versions 9.0.1 and prior<P>

QID Detection Logic (Authenticated):(Linux)<BR>This QID fires mysqld -V command to check the vulnerable versions of MySQL.<P>
QID Detection Logic (Unauthenticated):<BR>This QID detects vulnerable versions of MySQL via the banner exposed by the service.<P>

Environment

API Gateway 11.0 

Resolution

There are no MySQL updates for Gateway 11.0 or 11.1.

Gateway 11.1.1 is running MySQL 8.0.41, which would remediate the vulnerability.

Powered by Wolken Software