CVE-2015-4879

MEDIUM

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.44 and earlier, and 5.6.25 and earlier, allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to DML.

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

http://rhn.redhat.com/errata/RHSA-2015-1628.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2015/dsa-3377

http://www.debian.org/security/2015/dsa-3385

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securityfocus.com/bid/77140

http://www.securitytracker.com/id/1033894

http://www.ubuntu.com/usn/USN-2781-1

https://access.redhat.com/errata/RHSA-2016:1132

Details

Source: MITRE

Published: 2015-10-21

Updated: 2019-12-27

Type: NVD-CWE-noinfo

Risk Information

CVSS v2.0

Base Score: 4.6

Vector: AV:N/AC:H/Au:S/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

Configuration 2

cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.5.0 to 5.5.44 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.25 (inclusive)

Configuration 4

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

Configuration 5

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

Tenable Plugins

View all (23 total)

ID	Name	Product	Family	Severity
99774	EulerOS 2.0 SP1 : mariadb (EulerOS-SA-2016-1011)	Nessus	Huawei Local Security Checks	high
93846	MariaDB 5.5.x < 5.5.45 Multiple Vulnerabilities	Nessus	Databases	high
93845	MariaDB 10.0.x < 10.0.21 Multiple Vulnerabilities	Nessus	Databases	high
9252	Oracle MySQL 5.5.x < 5.5.46 / 5.6.x < 5.6.27 Multiple Vulnerabilities	Nessus Network Monitor	Database	high
90366	Amazon Linux AMI : mysql56 (ALAS-2016-684)	Nessus	Amazon Linux Local Security Checks	high
90345	Scientific Linux Security Update : mariadb on SL7.x x86_64 (20160404)	Nessus	Scientific Linux Local Security Checks	high
90300	RHEL 7 : mariadb (RHSA-2016:0534)	Nessus	Red Hat Local Security Checks	high
90296	Oracle Linux 7 : mariadb (ELSA-2016-0534)	Nessus	Oracle Linux Local Security Checks	high
90276	CentOS 7 : mariadb (CESA-2016:0534)	Nessus	CentOS Local Security Checks	high
89628	Fedora 23 : mariadb-10.0.23-1.fc23 (2016-e30164d0a2)	Nessus	Fedora Local Security Checks	high
87964	SUSE SLED12 / SLES12 Security Update : mariadb (SUSE-SU-2016:0121-1)	Nessus	SuSE Local Security Checks	high
87525	SUSE SLED11 / SLES11 Security Update : mysql (SUSE-SU-2015:2303-1)	Nessus	SuSE Local Security Checks	high
87442	openSUSE Security Update : mysql (openSUSE-2015-889) (BACKRONYM)	Nessus	SuSE Local Security Checks	high
86679	Debian DSA-3385-1 : mariadb-10.0 - security update	Nessus	Debian Local Security Checks	high
86660	Oracle MySQL 5.6.x < 5.6.26 Multiple Vulnerabilities (October 2015 CPU)	Nessus	Databases	high
86657	Oracle MySQL 5.5.x < 5.5.45 Multiple Vulnerabilities (October 2015 CPU)	Nessus	Databases	high
86617	Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2781-1)	Nessus	Ubuntu Local Security Checks	high
86580	Debian DSA-3377-1 : mysql-5.5 - security update	Nessus	Debian Local Security Checks	high
86547	MySQL 5.6.x < 5.6.27 Multiple Vulnerabilities	Nessus	Databases	high
86546	MySQL 5.5.x < 5.5.46 Multiple Vulnerabilities	Nessus	Databases	high
85488	Oracle Linux 5 : mysql55-mysql (ELSA-2015-1628)	Nessus	Oracle Linux Local Security Checks	high
85460	CentOS 5 : mysql55-mysql (CESA-2015:1628)	Nessus	CentOS Local Security Checks	high
85443	RHEL 5 : mysql55-mysql (RHSA-2015:1628)	Nessus	Red Hat Local Security Checks	high