CVE-2012-3147 — Sensitive Information Exposure in Oracle Mysql

CWE-200 — Sensitive Information Exposure6 documents6 sources

Severity

6.4MEDIUMNVD

EPSS

0.8%

top 26.38%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Openstack Nova Oracle Mysql

Timeline

PublishedOct 16

Latest updateMay 13

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.26 and earlier allows remote attackers to affect integrity and availability, related to MySQL Client.

CVSS vector

AV:N/AC:L/C:N/I:P/A:PExploitability: 10.0 | Impact: 4.9

Affected Packages2 packages

▶NVDoracle/mysql5.5.26+25

▶PyPIopenstack/nova< 12.0.0a0

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-mwrr-h62p-wx32: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5↗2022-05-13

▶

GHSA

Openstack nova qcow format could expose host filesystem information↗2022-04-22

▶

📋Vendor Advisories

Ubuntu

MySQL vulnerabilities↗2012-11-05

▶

Red Hat

mysql: unspecified client vulnerability with integrity and availability impact↗2012-10-16

▶

💬Community

Bugzilla

CVE-2012-3147 mysql: unspecified client vulnerability with integrity and availability impact↗2012-10-17

▶