CVE-2014-6496 — Oracle Mysql vulnerability

10 documents8 sources

Severity

4.3MEDIUMNVD

EPSS

0.5%

top 34.21%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mariadb Juniper Junos Space Oracle Mysql +5 more

Timeline

PublishedOct 15

Latest updateMay 14

Description

Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect availability via vectors related to CLIENT:SSL:yaSSL, a different vulnerability than CVE-2014-6494.

CVSS vector

AV:N/AC:M/C:N/I:N/A:PExploitability: 8.6 | Impact: 2.9

Affected Packages8 packages

▶NVDoracle/mysql5.5.0 — 5.5.39+1

▶NVDoracle/solaris11.3

▶NVDsuse/linux_enterprise_server12

▶NVDmariadb/mariadb5.5.0 — 5.5.40+1

▶NVDjuniper/junos_space15.1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-wrgj-j3g5-8865: Unspecified vulnerability in Oracle MySQL Server 5↗2022-05-14

▶

OSV

CVE-2014-6496: Unspecified vulnerability in Oracle MySQL Server 5↗2014-10-15

▶

CVEList

CVE-2014-6496: Unspecified vulnerability in Oracle MySQL Server 5↗2014-10-15

▶

📋Vendor Advisories

Ubuntu

MySQL vulnerabilities↗2014-10-15

▶

Red Hat

mysql: unspecified vulnerability related to CLIENT:SSL:yaSSL (CPU October 2014)↗2014-10-15

▶

Red Hat

mysql: unspecified vulnerability related to CLIENT:SSL:yaSSL (CPU October 2014)↗2014-10-15

▶

Debian

CVE-2014-6496: wolfssl - Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 ...↗2014

▶

💬Community

Bugzilla

CVE-2014-6496 mysql: unspecified vulnerability related to CLIENT:SSL:yaSSL (CPU October 2014)↗2014-10-16

▶

Bugzilla

CVE-2014-6494 mysql: unspecified vulnerability related to CLIENT:SSL:yaSSL (CPU October 2014)↗2014-10-16

▶