CVE-2015-4830

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.45 and earlier and 5.6.26 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2015/dsa-3377

http://www.debian.org/security/2015/dsa-3385

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.securityfocus.com/bid/77228

http://www.securitytracker.com/id/1033894

http://www.ubuntu.com/usn/USN-2781-1

https://access.redhat.com/errata/RHSA-2016:1132

https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html

Details

Source: MITRE

Published: 2015-10-21

Updated: 2019-02-11

Risk Information

CVSS v2.0

Base Score: 4

Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 8

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:novell:suse_linux_enterprise_software_development_kit:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_desktop:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_server:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:novell:suse_linux_enterprise_workstation_extension:12.0:sp1:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.45 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.26 (inclusive)

Tenable Plugins

View all (26 total)

IDNameProductFamilySeverity
99774EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1011)NessusHuawei Local Security Checks
medium
9284MariaDB Server 10.0.x < 10.0.22 Multiple DoS VulnerabilitiesNessus Network MonitorDatabase
medium
9252Oracle MySQL 5.5.x < 5.5.46 / 5.6.x < 5.6.27 Multiple VulnerabilitiesNessus Network MonitorDatabase
high
90366Amazon Linux AMI : mysql56 (ALAS-2016-684)NessusAmazon Linux Local Security Checks
high
90345Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)NessusScientific Linux Local Security Checks
high
90300RHEL 7 : mariadb (RHSA-2016:0534)NessusRed Hat Local Security Checks
high
90296Oracle Linux 7 : mariadb (ELSA-2016-0534)NessusOracle Linux Local Security Checks
high
90276CentOS 7 : mariadb (CESA-2016:0534)NessusCentOS Local Security Checks
high
89628Fedora 23 : mariadb-10.0.23-1.fc23 (2016-e30164d0a2)NessusFedora Local Security Checks
high
88615openSUSE Security Update : mariadb (openSUSE-2016-164)NessusSuSE Local Security Checks
medium
88515SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2016:0296-1)NessusSuSE Local Security Checks
medium
87964SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2016:0121-1)NessusSuSE Local Security Checks
high
87525SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:2303-1)NessusSuSE Local Security Checks
high
87486openSUSE Security Update : MariaDB 5.5.46 (openSUSE-2015-890)NessusSuSE Local Security Checks
medium
87442openSUSE Security Update : mysql (openSUSE-2015-889) (BACKRONYM)NessusSuSE Local Security Checks
high
87440openSUSE Security Update : mariadb (openSUSE-2015-884)NessusSuSE Local Security Checks
medium
87210MariaDB < 5.5.46 Multiple VulnerabilitiesNessusDatabases
medium
86874MariaDB 10.0.x < 10.0.22 Multiple VulnerabilitiesNessusDatabases
medium
86858FreeBSD : MySQL - Multiple vulnerabilities (851a0eea-88aa-11e5-90e7-b499baebfeaf)NessusFreeBSD Local Security Checks
medium
86679Debian DSA-3385-1 : mariadb-10.0 - security updateNessusDebian Local Security Checks
high
86661Oracle MySQL 5.6.x < 5.6.27 Multiple Vulnerabilities (October 2015 CPU) (January 2016 CPU) (July 2016 CPU)NessusDatabases
high
86658Oracle MySQL 5.5.x < 5.5.46 Multiple Vulnerabilities (October 2015 CPU) (January 2016 CPU) (July 2016 CPU)NessusDatabases
high
86617Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2781-1)NessusUbuntu Local Security Checks
high
86580Debian DSA-3377-1 : mysql-5.5 - security updateNessusDebian Local Security Checks
high
86547MySQL 5.6.x < 5.6.27 Multiple VulnerabilitiesNessusDatabases
high
86546MySQL 5.5.x < 5.5.46 Multiple VulnerabilitiesNessusDatabases
high