CVE-2016-0661

LOW

Description

Unspecified vulnerability in Oracle MySQL 5.6.28 and earlier and 5.7.10 and earlier allows local users to affect availability via vectors related to Options.

References

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.securityfocus.com/bid/86511

http://www.securitytracker.com/id/1035606

http://www.ubuntu.com/usn/USN-2953-1

Details

Source: MITRE

Published: 2016-04-21

Updated: 2019-04-22

Risk Information

CVSS v2.0

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3.0

Base Score: 4.7

Vector: CVSS:3.0/AV:L/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 1

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.6.0 to 5.6.28 (inclusive)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* versions from 5.7.0 to 5.7.10 (inclusive)

Configuration 2

OR

cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

Tenable Plugins

View all (9 total)

IDNameProductFamilySeverity
91277openSUSE Security Update : mysql-community-server (openSUSE-2016-607)NessusSuSE Local Security Checks
critical
90847FreeBSD : MySQL -- multiple vulnerabilities (8c2b2f11-0ebe-11e6-b55e-b499baebfeaf)NessusFreeBSD Local Security Checks
critical
90833Oracle MySQL 5.7.x < 5.7.11 Multiple Vulnerabilities (April 2016 CPU) (July 2016 CPU)NessusDatabases
medium
90831Oracle MySQL 5.6.x < 5.6.29 Multiple Vulnerabilities (April 2016 CPU)NessusDatabases
medium
90678Ubuntu 12.04 LTS / 14.04 LTS / 15.10 : mysql-5.5, mysql-5.6 vulnerabilities (USN-2953-1)NessusUbuntu Local Security Checks
critical
9259Oracle MySQL 5.5.x < 5.5.48 / 5.6.x < 5.6.29 / 5.7.x < 5.7.11 Multiple VulnerabilitiesNessus Network MonitorDatabase
medium
9238MySQL 5.6.x < 5.6.29 Multiple DoSNessus Network MonitorDatabase
medium
89056MySQL 5.7.x < 5.7.11 Multiple VulnerabilitiesNessusDatabases
medium
89055MySQL 5.6.x < 5.6.29 Multiple VulnerabilitiesNessusDatabases
medium