CVE-2016-3452: Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and…

low3.7CVSS 3.0

AVNACHPRNUINSUCLINAN

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.

Affected

13 ranges

Vendor	Product	Version range	Fixed in
ibm	powerkvm	—	—
ibm	powerkvm	—	—
mariadb	mariadb	>= 0 < 5.5.51-r0	5.5.51-r0
mariadb	mariadb	>= 0 < 10.1.17-r0	10.1.17-r0
mariadb	mariadb	>= 10.0.0 < 10.0.25	10.0.25
mariadb	mariadb	>= 10.1.0 < 10.1.14	10.1.14
mariadb	mariadb	>= 5.5.20 < 5.5.49	5.5.49
oracle	linux	—	—
oracle	mysql	5.5.0 – 5.5.48	—
oracle	mysql	5.6.0 – 5.6.29	—
oracle	mysql	5.7.0 – 5.7.10	—
redhat	enterprise_linux	—	—
redhat	enterprise_linux	—	—

CVSS provenance

nvdv3.03.7LOWCVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

osv3.7LOW