CVE-2013-3801 — Sensitive Information Exposure in Oracle Mysql

CWE-200 — Sensitive Information Exposure8 documents6 sources

Severity

5.0MEDIUMNVD

EPSS

0.6%

top 29.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mariadb Oracle Mysql Opensuse +3 more

Timeline

PublishedJul 17

Latest updateMay 14

Description

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 10.0 | Impact: 2.9

Affected Packages6 packages

▶NVDoracle/mysql5.5.0 — 5.5.30+1

▶NVDsuse/linux_enterprise_server11

▶NVDmariadb/mariadb5.5.0 — 5.5.31+1

▶NVDopensuse/opensuse11.4, 12.2, 12.3+2

▶NVDsuse/linux_enterprise_desktop11

🔴Vulnerability Details

GHSA

OpenStack Heat template URL information leakage↗2022-05-14

▶

GHSA

GHSA-vvp5-hx8c-5hqm: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5↗2022-05-13

▶

CVEList

CVE-2013-3801: Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5↗2013-07-17

▶

📋Vendor Advisories

Red Hat

openstack-heat: authenticated information leak in Heat↗2014-04-23

▶

Red Hat

mysql: unspecified DoS related to Server Options (CPU July 2013)↗2013-07-17

▶

💬Community

Bugzilla

CVE-2014-3801 openstack-heat: authenticated information leak in Heat↗2014-05-21

▶

Bugzilla

CVE-2013-3801 mysql: unspecified DoS related to Server Options (CPU July 2013)↗2013-07-18

▶