Lucene search

OracleCVE-2016-5584

HistoryOct 25, 2016 - 2:30 p.m.

CVE-2016-5584

2016-10-2514:30:54

oracle

web.nvd.nist.gov

cve-2016-5584

oracle

mysql

vulnerability

nvd

security

confidentiality

remote administrators

CVSS2

3.5

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:S/C:P/I:N/A:N

CVSS3

4.4

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

HIGH

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.1/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

AI Score

4.4

Confidence

Low

EPSS

0.002

Percentile

59.5%

JSON

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

Affected configurations

Nvd

Node

oraclemysqlRange5.5.0–5.5.52

oraclemysqlRange5.6.0–5.6.33

oraclemysqlRange5.7.0–5.7.15

Node

mariadbmariadbRange5.5.0–5.5.53

mariadbmariadbRange10.0.0–10.0.28

mariadbmariadbRange10.1.0–10.1.19

Node

debiandebian_linuxMatch8.0

VendorProductVersionCPE
oraclemysql*cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
mariadbmariadb*cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
debiandebian_linux8.0cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
oracle	mysql	*	cpe:2.3:a:oracle:mysql::::::::
mariadb	mariadb	*	cpe:2.3:a:mariadb:mariadb::::::::
debian	debian_linux	8.0	cpe:2.3:o:debian:debian_linux:8.0:::::::*