CVE-2015-2620

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.

References

http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698

http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html

http://rhn.redhat.com/errata/RHSA-2015-1628.html

http://rhn.redhat.com/errata/RHSA-2015-1629.html

http://rhn.redhat.com/errata/RHSA-2015-1630.html

http://rhn.redhat.com/errata/RHSA-2015-1646.html

http://rhn.redhat.com/errata/RHSA-2015-1647.html

http://rhn.redhat.com/errata/RHSA-2015-1665.html

http://www.debian.org/security/2015/dsa-3308

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html

http://www.securityfocus.com/bid/75837

http://www.securitytracker.com/id/1032911

http://www.ubuntu.com/usn/USN-2674-1

https://security.gentoo.org/glsa/201610-06

Details

Source: MITRE

Published: 2015-07-16

Updated: 2019-02-05

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

Vulnerable Software

Configuration 4

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.43 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.23 (inclusive)

Tenable Plugins

View all (22 total)

ID	Name	Product	Family	Severity
93993	GLSA-201610-06 : MySQL and MariaDB: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	medium
91778	Juniper Junos Space < 15.1R1 Multiple Vulnerabilities (JSA10698)	Nessus	Junos Local Security Checks	critical
9303	MariaDB Server 10.0.x < 10.0.22 / 10.1.x < 10.1.9 Multiple Vulnerabilities	Nessus Network Monitor	Database	medium
9302	MariaDB Server 5.4.x < 5.4.46 / 10.0.x < 10.0.22 Multiple Vulnerabilities	Nessus Network Monitor	Database	medium
9282	MariaDB Server 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM)	Nessus Network Monitor	Database	medium
9257	Oracle MySQL 5.5.x < 5.5.44 / 5.6.x < 5.6.24 Multiple Vulnerabilities	Nessus Network Monitor	Database	low
86537	SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:1788-1) (BACKRONYM)	Nessus	SuSE Local Security Checks	medium
86182	openSUSE Security Update : mysql-community-server (openSUSE-2015-608)	Nessus	SuSE Local Security Checks	medium
85635	CentOS 7 : mariadb (CESA-2015:1665) (BACKRONYM)	Nessus	CentOS Local Security Checks	medium
85622	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20150824) (BACKRONYM)	Nessus	Scientific Linux Local Security Checks	medium
85616	RHEL 7 : mariadb (RHSA-2015:1665) (BACKRONYM)	Nessus	Red Hat Local Security Checks	medium
85612	Oracle Linux 7 : mariadb (ELSA-2015-1665) (BACKRONYM)	Nessus	Oracle Linux Local Security Checks	medium
85538	Oracle MySQL 5.6.x < 5.6.24 Multiple Vulnerabilities (July 2015 CPU) (October 2015 CPU)	Nessus	Databases	medium
85536	Oracle MySQL 5.5.x < 5.5.44 Multiple Vulnerabilities (July 2015 CPU) (October 2015 CPU)	Nessus	Databases	medium
85499	Scientific Linux Security Update : mysql55-mysql on SL5.x i386/x86_64 (20150817)	Nessus	Scientific Linux Local Security Checks	high
85488	Oracle Linux 5 : mysql55-mysql (ELSA-2015-1628)	Nessus	Oracle Linux Local Security Checks	high
85460	CentOS 5 : mysql55-mysql (CESA-2015:1628)	Nessus	CentOS Local Security Checks	high
85443	RHEL 5 : mysql55-mysql (RHSA-2015:1628)	Nessus	Red Hat Local Security Checks	high
84915	Ubuntu 12.04 LTS / 14.04 LTS / 14.10 / 15.04 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2674-1)	Nessus	Ubuntu Local Security Checks	medium
84836	Debian DSA-3308-1 : mysql-5.5 - security update	Nessus	Debian Local Security Checks	medium
84796	MariaDB 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM)	Nessus	Databases	medium
84767	MySQL 5.5.x < 5.5.44 / 5.6.x < 5.6.25 Multiple Vulnerabilities (July 2015 CPU)	Nessus	Databases	medium