CVE-2016-5584

LOW

Description

Unspecified vulnerability in Oracle MySQL 5.5.52 and earlier, 5.6.33 and earlier, and 5.7.15 and earlier allows remote administrators to affect confidentiality via vectors related to Server: Security: Encryption.

References

http://www.debian.org/security/2016/dsa-3706

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.securityfocus.com/bid/93735

http://www.securitytracker.com/id/1037050

https://mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/

https://security.gentoo.org/glsa/201701-01

Details

Source: MITRE

Published: 2016-10-25

Updated: 2019-03-04

Type: CWE-200

Risk Information

CVSS v2.0

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:P/I:N/A:N

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3.0

Base Score: 4.4

Vector: CVSS:3.0/AV:N/AC:H/PR:H/UI:N/S:U/C:H/I:N/A:N

Impact Score: 3.6

Exploitability Score: 0.7

Severity: MEDIUM