CVE-2014-6507MEDIUM
Description
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SERVER:DML.
References
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
http://secunia.com/advisories/61579
http://secunia.com/advisories/62073
http://security.gentoo.org/glsa/glsa-201411-02.xml
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Details
Source: MITRE
Published: 2014-10-15
Updated: 2018-12-18
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 4.3
Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P
Impact Score: 2.9
Exploitability Score: 8.6
Severity: MEDIUM
Vulnerable Software
Configuration 1
OR
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* versions up to 5.5.40 (inclusive)
Configuration 2
OR
Configuration 3
OR
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.39 (inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.20 (inclusive)
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 129355 | MariaDB 10.0.0 < 10.0.15 Multiple Vulnerabilities | Nessus | Databases | high |
| 125007 | EulerOS Virtualization 3.0.1.0 : mariadb (EulerOS-SA-2019-1554) | Nessus | Huawei Local Security Checks | high |
| 84658 | openSUSE Security Update : MariaDB (openSUSE-2015-479) (BACKRONYM) (Logjam) | Nessus | SuSE Local Security Checks | high |
| 83716 | SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2015:0743-1) | Nessus | SuSE Local Security Checks | high |
| 82428 | SuSE 11.3 Security Update : MySQL (SAT Patch Number 10387) | Nessus | SuSE Local Security Checks | high |
| 82344 | Mandriva Linux Security Advisory : mariadb (MDVSA-2015:091) | Nessus | Mandriva Local Security Checks | high |
| 8912 | Oracle MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities | Nessus Network Monitor | Database | high |
| 79905 | Fedora 20 : mariadb-5.5.40-1.fc20 (2014-16003) | Nessus | Fedora Local Security Checks | medium |
| 79370 | Oracle Linux 7 : mariadb (ELSA-2014-1861) | Nessus | Oracle Linux Local Security Checks | medium |
| 79369 | Oracle Linux 5 : mysql55-mysql (ELSA-2014-1859) | Nessus | Oracle Linux Local Security Checks | medium |
| 79305 | Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20141117) | Nessus | Scientific Linux Local Security Checks | medium |
| 79304 | Scientific Linux Security Update : mariadb on SL7.x x86_64 (20141117) | Nessus | Scientific Linux Local Security Checks | medium |
| 79303 | RHEL 7 : mariadb (RHSA-2014:1861) | Nessus | Red Hat Local Security Checks | medium |
| 79302 | RHEL 5 : mysql55-mysql (RHSA-2014:1859) | Nessus | Red Hat Local Security Checks | high |
| 79300 | CentOS 7 : mariadb (CESA-2014:1861) | Nessus | CentOS Local Security Checks | medium |
| 79299 | CentOS 5 : mysql55-mysql (CESA-2014:1859) | Nessus | CentOS Local Security Checks | medium |
| 78880 | GLSA-201411-02 : MySQL, MariaDB: Multiple vulnerabilities | Nessus | Gentoo Local Security Checks | high |
| 78829 | Slackware 14.1 / current : mariadb (SSA:2014-307-01) | Nessus | Slackware Local Security Checks | high |
| 78718 | Mandriva Linux Security Advisory : mariadb (MDVSA-2014:210) | Nessus | Mandriva Local Security Checks | high |
| 78589 | Debian DSA-3054-1 : mysql-5.5 - security update | Nessus | Debian Local Security Checks | high |
| 78505 | Ubuntu 12.04 LTS / 14.04 LTS : mysql-5.5 vulnerabilities (USN-2384-1) | Nessus | Ubuntu Local Security Checks | high |
| 78477 | MySQL 5.5.x < 5.5.40 / 5.6.x < 5.6.21 Multiple Vulnerabilities (October 2014 CPU) | Nessus | Databases | high |