The version of MySQL installed on the remote host is version 5.7.x prior to 5.7.15 and is affected by multiple issues :
- A flaw exists related to the way βREPAIR TABLEβ uses temporary files. This may allow an authenticated attacker to gain elevated privileges.
- A flaw exists in InnoDB that is triggered during the handling of an operation that dropped and created a full-text search table. This may allow an authenticated attacker to trigger an assertion and cause a denial of service.
- A flaw exists in InnoDB that is triggered when accessing full-text search auxiliary tables while dropping the indexed table. This may allow an authenticated attacker to trigger an assertion and cause a denial of service.
- An overflow condition exists that is triggered as certain input is not properly validated when handling long integer values in βMEDIUMINTβ columns. This may allow an authenticated attacker to cause a buffer overflow, resulting in a denial of service or potentially allowing the execution of arbitrary code.
- A flaw exists in the βvalidate_passwordβ plugin that is triggered as rejected passwords are logged in plaintext on the error log. This may allow a local attacker to gain access to passwords that did not meet the password policy, but may potentially be very close to the password ultimately chosen and accepted.
- A flaw exists in InnoDB that is triggered during the handling of an βALTER TABLE β¦ ENCRYPTION=Y, ALGORITHM=COPYβ operation on a table residing in the system tablespace. This may allow an authenticated attacker to crash the server.
- An unspecified flaw exists related to the Optimizer subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-3492)
- An unspecified flaw exists related to the InnoDB subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5507)
- An unspecified flaw exists related to the MyISAM subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5616)
- An unspecified flaw exists related to the Error Handling subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5617)
- An unspecified flaw exists related to the Packaging subcomponent. This may allow a local attacker to gain elevated privileges. No further details have been provided by the vendor. (CVE-2016-5625)
- An unspecified flaw exists related to the GIS subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5626)
- An unspecified flaw exists related to the Federated subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-5629)
- An unspecified flaw exists related to the Optimizer subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (2016-5632)
- An unspecified flaw exists related to the Types subcomponent. This may allow an authenticated remote attacker to cause a denial of service. No further details have been provided by the vendor. (CVE-2016-8283)
- An unspecified flaw exists related to the Security: Privileges subcomponent. This may allow an authenticated remote attacker to disclose potentially sensitive information. No further details have been provided by the vendor. (CVE-2016-8286)