Oracle MySQL 5.6.x < 5.6.23 Multiple Vulnerabilities

Medium Nessus Network Monitor Plugin ID 8762


The remote database server is missing a critical Oracle MySQL patch update.


The version of MySQL installed on the remote host is version 5.6.x prior to 5.6.23. It is, therefore, affected by errors in the following components :

- Server : InnoDB (CVE-2015-0439)

- Server : Optimizer (CVE-2015-0423)

- Server : Partition (CVE-2015-0438)

- Server : XA (CVE-2015-0405)

- Server : DML (CVE-2015-2566)


Upgrade to MySQL 5.6.23 or later.

See Also

Plugin Details

Severity: Medium

ID: 8762

Family: Database

Published: 2015/05/07

Modified: 2016/01/30

Dependencies: 8914

Risk Information

Risk Factor: Medium


Base Score: 4

Temporal Score: 3.5

Vector: CVSS2#AV:N/AC:L/Au:S/C:N/I:N/A:P

Temporal Vector: CVSS2#E:ND/RL:OF/RC:C


Base Score: 4.3

Temporal Score: 4.1


Temporal Vector: CVSS3#E:X/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:oracle:mysql

Patch Publication Date: 2015/04/14

Vulnerability Publication Date: 2015/04/14

Reference Information

CVE: CVE-2015-0439, CVE-2015-0423, CVE-2015-0438, CVE-2015-0405, CVE-2015-2566

BID: 74085, 74091, 74098, 74110, 74126

IAVA: 2015-A-0085