Login

Tenable Community & Support

Tenable University

CVE-2014-4243

LOW

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via vectors related to ENFED.

References

http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html

http://seclists.org/fulldisclosure/2014/Dec/23

http://secunia.com/advisories/60425

http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

http://www.securityfocus.com/archive/1/534161/100/0/threaded

http://www.securityfocus.com/bid/68611

http://www.securitytracker.com/id/1030578

http://www.vmware.com/security/advisories/VMSA-2014-0012.html

https://exchange.xforce.ibmcloud.com/vulnerabilities/94628

Details

Source: MITRE

Published: 2014-07-17

Updated: 2019-12-17

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 2.8

Vector: AV:N/AC:M/Au:M/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 5.5

Severity: LOW

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.10:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.6.14:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions up to 5.6.15 (inclusive)

Configuration 2

OR

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*

cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*

cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*

cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.29:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.30:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.31:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.32:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.33:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:5.5.34:*:*:*:*:*:*:*

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions up to 5.5.35 (inclusive)

Tenable Plugins

View all (15 total)

ID	Name	Product	Family	Severity
72713	MariaDB 10 < 10.0.9 Multiple DoS Vulnerabilities	Nessus	Databases	medium
9283	MariaDB Server 10.0.x < 10.0.21 Multiple Vulnerabilities	Nessus Network Monitor	Database	medium
82344	Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091)	Nessus	Mandriva Local Security Checks	high
79370	Oracle Linux 7 : mariadb (ELSA-2014-1861)	Nessus	Oracle Linux Local Security Checks	medium
79369	Oracle Linux 5 : mysql55-mysql (ELSA-2014-1859)	Nessus	Oracle Linux Local Security Checks	medium
79305	Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20141117)	Nessus	Scientific Linux Local Security Checks	medium
79304	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20141117)	Nessus	Scientific Linux Local Security Checks	medium
79303	RHEL 7 : mariadb (RHSA-2014:1861)	Nessus	Red Hat Local Security Checks	medium
79302	RHEL 5 : mysql55-mysql (RHSA-2014:1859)	Nessus	Red Hat Local Security Checks	high
79300	CentOS 7 : mariadb (CESA-2014:1861)	Nessus	CentOS Local Security Checks	medium
79299	CentOS 5 : mysql55-mysql (CESA-2014:1859)	Nessus	CentOS Local Security Checks	medium
77435	SuSE 11.3 Security Update : MySQL (SAT Patch Number 9624)	Nessus	SuSE Local Security Checks	medium
77434	SuSE 11.3 Security Update : MySQL (SAT Patch Number 9624)	Nessus	SuSE Local Security Checks	medium
73573	MySQL 5.6.x < 5.6.16 Multiple Vulnerabilities	Nessus	Databases	medium
73572	MySQL 5.5.x < 5.5.36 Multiple Vulnerabilities	Nessus	Databases	high