CVE-2015-2575 — Improper Access Control in Mysql

CWE-284 — Improper Access Control7 documents6 sources

Severity

4.9MEDIUMNVD

EPSS

1.8%

top 17.28%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mysql Debian Linux Suse Linux Enterprise Desktop +2 more

Timeline

PublishedApr 16

Latest updateMay 17

Description

Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5.1.34 and earlier allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Connector/J.

CVSS vector

AV:N/AC:M/C:P/I:P/A:NExploitability: 6.8 | Impact: 4.9

Affected Packages4 packages

▶NVDmysql/mysql5.1.34

▶NVDsuse/linux_enterprise_server11

▶NVDsuse/linux_enterprise_desktop11

▶NVDsuse/linux_enterprise_software_development_kit11

Also affects: Debian Linux 8.0

🔴Vulnerability Details

OSV

Improper Access Control in MySQL Connectors Java↗2022-05-17

▶

GHSA

Improper Access Control in MySQL Connectors Java↗2022-05-17

▶

OSV

CVE-2015-2575: Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5↗2015-04-16

▶

CVEList

CVE-2015-2575: Unspecified vulnerability in the MySQL Connectors component in Oracle MySQL 5↗2015-04-16

▶

📋Vendor Advisories

Red Hat

mysql-connector-java: unspecified vulnerability related to Connector/J (CPU April 2015)↗2015-04-15

▶

💬Community

Bugzilla

CVE-2015-2575 mysql-connector-java: unspecified vulnerability related to Connector/J (CPU April 2015)↗2015-04-17

▶