Oracle MySQL 5.6.x < 5.6.23 Multiple Vulnerabilities

medium Nessus Network Monitor Plugin ID 8762


The remote database server is missing a critical Oracle MySQL patch update.


The version of MySQL installed on the remote host is version 5.6.x prior to 5.6.23. It is, therefore, affected by errors in the following components :

- Server : InnoDB (CVE-2015-0439)

- Server : Optimizer (CVE-2015-0423)

- Server : Partition (CVE-2015-0438)

- Server : XA (CVE-2015-0405)

- Server : DML (CVE-2015-2566)


Upgrade to MySQL 5.6.23 or later.

See Also

Plugin Details

Severity: Medium

ID: 8762

Family: Database

Published: 5/7/2015

Updated: 3/6/2019

Risk Information


Risk Factor: Medium

Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Risk Factor: Medium

Base Score: 4.3

Temporal Score: 4.1

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L

Temporal Vector: CVSS:3.0/E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Patch Publication Date: 4/14/2015

Vulnerability Publication Date: 4/14/2015

Reference Information

CVE: CVE-2015-0405, CVE-2015-0423, CVE-2015-0438, CVE-2015-0439, CVE-2015-2566

BID: 74085, 74091, 74098, 74110, 74126

IAVA: 2015-A-0085