CVE-2015-4864LOW
Description
Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect integrity via unknown vectors related to Server : Security : Privileges.
References
http://rhn.redhat.com/errata/RHSA-2015-1628.html
http://rhn.redhat.com/errata/RHSA-2015-1665.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html
http://www.securityfocus.com/bid/77187
Details
Source: MITRE
Published: 2015-10-21
Updated: 2019-02-11
Type: NVD-CWE-noinfo
Risk Information
CVSS v2.0
Base Score: 3.5
Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 6.8
Severity: LOW
Vulnerable Software
Configuration 1
OR
Configuration 2
OR
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.43 (inclusive)
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.24 (inclusive)
Configuration 3
OR
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Tenable Plugins
| ID | Name | Product | Family | Severity |
|---|---|---|---|---|
| 9303 | MariaDB Server 10.0.x < 10.0.22 / 10.1.x < 10.1.9 Multiple Vulnerabilities | Nessus Network Monitor | Database | medium |
| 9302 | MariaDB Server 5.4.x < 5.4.46 / 10.0.x < 10.0.22 Multiple Vulnerabilities | Nessus Network Monitor | Database | medium |
| 9282 | MariaDB Server 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM) | Nessus Network Monitor | Database | medium |
| 9255 | Oracle MySQL 5.6.x < 5.6.25 Multiple Vulnerabilities | Nessus Network Monitor | Database | medium |
| 9252 | Oracle MySQL 5.5.x < 5.5.46 / 5.6.x < 5.6.27 Multiple Vulnerabilities | Nessus Network Monitor | Database | high |
| 90366 | Amazon Linux AMI : mysql56 (ALAS-2016-684) | Nessus | Amazon Linux Local Security Checks | high |
| 87525 | SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:2303-1) | Nessus | SuSE Local Security Checks | high |
| 87442 | openSUSE Security Update : mysql (openSUSE-2015-889) (BACKRONYM) | Nessus | SuSE Local Security Checks | high |
| 86617 | Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2781-1) | Nessus | Ubuntu Local Security Checks | high |
| 86547 | MySQL 5.6.x < 5.6.27 Multiple Vulnerabilities | Nessus | Databases | high |
| 86546 | MySQL 5.5.x < 5.5.46 Multiple Vulnerabilities | Nessus | Databases | high |
| 85635 | CentOS 7 : mariadb (CESA-2015:1665) (BACKRONYM) | Nessus | CentOS Local Security Checks | medium |
| 85616 | RHEL 7 : mariadb (RHSA-2015:1665) (BACKRONYM) | Nessus | Red Hat Local Security Checks | medium |
| 85612 | Oracle Linux 7 : mariadb (ELSA-2015-1665) (BACKRONYM) | Nessus | Oracle Linux Local Security Checks | medium |
| 85539 | Oracle MySQL 5.6.x < 5.6.25 Multiple Vulnerabilities (July 2015 CPU) (October 2015 CPU) | Nessus | Databases | medium |
| 85536 | Oracle MySQL 5.5.x < 5.5.44 Multiple Vulnerabilities (July 2015 CPU) (October 2015 CPU) | Nessus | Databases | medium |
| 85488 | Oracle Linux 5 : mysql55-mysql (ELSA-2015-1628) | Nessus | Oracle Linux Local Security Checks | high |
| 85460 | CentOS 5 : mysql55-mysql (CESA-2015:1628) | Nessus | CentOS Local Security Checks | high |
| 85443 | RHEL 5 : mysql55-mysql (RHSA-2015:1628) | Nessus | Red Hat Local Security Checks | high |
| 84796 | MariaDB 10.0.x < 10.0.20 Multiple Vulnerabilities (BACKRONYM) | Nessus | Databases | medium |