CVE-2015-5969

CWE-200 — Information Exposure4 documents4 sources

Severity

6.2MEDIUM

EPSS

0.1%

top 66.93%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Opensuse Leap Opensuse Opensuse Suse Linux Enterprise Desktop +3 more

Timeline

PublishedApr 8

Latest updateMay 14

Description

The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:NExploitability: 2.5 | Impact: 3.6

Affected Packages6 packages

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.2

▶NVDsuse/linux_enterprise_server12

▶NVDsuse/linux_enterprise_desktop12

▶NVDsuse/linux_enterprise_workstation_extension12

🔴Vulnerability Details

GHSA

GHSA-phcr-wcch-g43j: The mysql-systemd-helper script in the mysql-community-server package before 5↗2022-05-14

▶

CVEList

CVE-2015-5969: The mysql-systemd-helper script in the mysql-community-server package before 5↗2016-04-08

▶