CVE-2016-0611Improper Access Control in Oracle Mysql

CWE-284Improper Access Control9 documents6 sources
Severity
4.0MEDIUMNVD
EPSS
0.7%
top 27.70%
CISA KEV
Not in KEV
Exploit
No known exploits
Affected products
5
Oracle MysqlCanonical Ubuntu LinuxOpensuse Leap+2 more
Timeline
PublishedJan 21
Latest updateMay 14

Description

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.

CVSS vector

AV:N/AC:L/C:N/I:N/A:PExploitability: 8.0 | Impact: 2.9

Affected Packages3 packages

NVDoracle/mysql5.6.27+1
NVDopensuse/leap42.1
NVDopensuse/opensuse13.1, 13.2+1

Also affects: Ubuntu Linux 12.04, 14.04, 15.04, 15.10, Enterprise Linux 6.0, 7.0

Patches

Patch: www.oracle.comPatch: www.oracle.com

🔴Vulnerability Details

2
GHSA
GHSA-6qfj-pgpj-qjgh: Unspecified vulnerability in Oracle MySQL 52022-05-14
OSV
CVE-2016-0611: Unspecified vulnerability in Oracle MySQL 52016-01-20

📋Vendor Advisories

2
Ubuntu
MySQL vulnerabilities2016-01-26
Red Hat
mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016)2015-01-20

💬Community

4
Bugzilla
mariadb: various flaws [fedora-all]2016-01-25
Bugzilla
community-mysql: various flaws [fedora-all]2016-01-25
Bugzilla
CVE-2016-0611 mysql: unspecified vulnerability in subcomponent: Server: Optimizer (CPU January 2016)2016-01-25
Bugzilla
mariadb-galera: various flaws [fedora-all]2016-01-25
CVE-2016-0611 — Improper Access Control in Oracle Mysql | cvebase