Lucene search

K

[email protected]NVD:CVE-2016-0643

HistoryApr 21, 2016 - 10:59 a.m.

CVE-2016-0643

2016-04-2110:59:12

[email protected]

web.nvd.nist.gov

2

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.9 Low

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.11 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows local users to affect confidentiality via vectors related to DML.

Affected configurations

NVD

Node

debiandebian_linuxMatch8.0

Node

redhatenterprise_linuxMatch6.0

OR

redhatenterprise_linuxMatch7.0

Node

ibmpowerkvmMatch2.1

OR

ibmpowerkvmMatch3.1

Node

opensuseleapMatch42.1

Node

oraclemysqlRange5.5.0–5.5.48

OR

oraclemysqlRange5.6.0–5.6.29

OR

oraclemysqlRange5.7.0–5.7.11

Node

mariadbmariadbRange5.5.20–5.5.49

OR

mariadbmariadbRange10.0.0–10.0.25

OR

mariadbmariadbRange10.1.0–10.1.14

References

lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html

lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

rhn.redhat.com/errata/RHSA-2016-0705.html

rhn.redhat.com/errata/RHSA-2016-1480.html

rhn.redhat.com/errata/RHSA-2016-1481.html

rhn.redhat.com/errata/RHSA-2016-1602.html

www-01.ibm.com/support/docview.wss?uid=isg3T1024168

www.debian.org/security/2016/dsa-3557

www.debian.org/security/2016/dsa-3595

www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

www.securityfocus.com/bid/86486

www.securitytracker.com/id/1035606

www.ubuntu.com/usn/USN-2953-1

www.ubuntu.com/usn/USN-2954-1

access.redhat.com/errata/RHSA-2016:1132

mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/

mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/

mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/

4 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:L/Au:S/C:P/I:N/A:N

3.3 Low

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N

3.9 Low

AI Score

Confidence

Low

0.0004 Low

EPSS

Percentile

10.1%

Related for NVD:CVE-2016-0643

cve1 cvelist1 mariadbunix1 prion1 alpinelinux1 veracode1 ubuntucve1 osv2 openvas25 mageia1 nessus34 fedora2 amazon2 debian5 ubuntu2 suse6 f52 ibm2 redhat5 oraclelinux1 centos1 freebsd1 kaspersky1 oracle1