CVE-2016-8288 — Improper Access Control in Oracle Mysql

CWE-284 — Improper Access Control6 documents5 sources

Severity

3.1LOWNVD

EPSS

0.2%

top 55.51%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Oracle Mysql

Timeline

PublishedOct 25

Latest updateMay 14

Description

Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier and 5.7.12 and earlier allows remote authenticated users to affect integrity via vectors related to Server: InnoDB Plugin.

CVSS vector

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 1.6 | Impact: 1.4

Affected Packages1 packages

▶NVDoracle/mysql5.6.0 — 5.6.30+1

Patches

Patch: www.oracle.com ↗Patch: www.oracle.com ↗

🔴Vulnerability Details

GHSA

GHSA-h52q-hp7h-5x52: Unspecified vulnerability in Oracle MySQL 5↗2022-05-14

▶

OSV

CVE-2016-8288: Unspecified vulnerability in Oracle MySQL 5↗2016-10-25

▶

📋Vendor Advisories

Red Hat

mysql: unspecified vulnerability in subcomponent: Server: InnoDB Plugin (CPU October 2016)↗2016-10-19

▶

💬Community

Bugzilla

CVE-2016-3492 CVE-2016-5507 CVE-2016-5609 CVE-2016-5612 CVE-2016-5616 CVE-2016-5617 CVE-2016-5626 CVE-2016-5627 CVE-2016-5629 CVE-2016-5630 CVE-2016-8283 CVE-2016-8284 CVE-2016-8288 community-mysql: v↗2016-10-19

▶

Bugzilla

CVE-2016-8288 mysql: unspecified vulnerability in subcomponent: Server: InnoDB Plugin (CPU October 2016)↗2016-10-19

▶