CVE-2014-2436

EUVD-2014-2472
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
6.5 UNKNOWN
NETWORK
LOW
AV:N/AC:L/Au:S/C:P/I:P/A:P
Base Score
CVSS 3.x
EPSS Score
Percentile: 75%
Affected Products (NVD)
VendorProductVersion
oraclemysql
5.5.0 ≤
𝑥
≤ 5.5.36
oraclemysql
5.6.0 ≤
𝑥
≤ 5.6.16
oraclesolaris
11.3
mariadbmariadb
5.5.0 ≤
𝑥
< 5.5.37
mariadbmariadb
10.0.0 ≤
𝑥
< 10.0.11
redhatenterprise_linux_desktop
5.0
redhatenterprise_linux_desktop
7.0
redhatenterprise_linux_eus
7.3
redhatenterprise_linux_eus
7.4
redhatenterprise_linux_eus
7.5
redhatenterprise_linux_eus
7.6
redhatenterprise_linux_eus
7.7
redhatenterprise_linux_server
5.0
redhatenterprise_linux_server
7.0
redhatenterprise_linux_server_aus
7.3
redhatenterprise_linux_server_aus
7.4
redhatenterprise_linux_server_aus
7.6
redhatenterprise_linux_server_aus
7.7
redhatenterprise_linux_server_tus
7.3
redhatenterprise_linux_server_tus
7.6
redhatenterprise_linux_server_tus
7.7
redhatenterprise_linux_workstation
5.0
redhatenterprise_linux_workstation
7.0
𝑥
= Vulnerable software versions
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
mysql-5.5
lucid
dne
precise
Fixed 5.5.37-0ubuntu0.12.04.1
released
quantal
Fixed 5.5.37-0ubuntu0.12.10.1
released
saucy
Fixed 5.5.37-0ubuntu0.13.10.1
released
trusty
Fixed 5.5.37-0ubuntu0.14.04.1
released
mysql-5.6
lucid
dne
precise
dne
quantal
dne
saucy
dne
trusty
Fixed 5.6.17-0ubuntu0.14.04.1
released
mysql-dfsg-5.1
lucid
not-affected
precise
dne
quantal
dne
saucy
dne
trusty
dne
References
http://rhn.redhat.com/errata/RHSA-2014-0522.html
http://rhn.redhat.com/errata/RHSA-2014-0536.html
http://rhn.redhat.com/errata/RHSA-2014-0537.html
http://rhn.redhat.com/errata/RHSA-2014-0702.html
http://security.gentoo.org/glsa/glsa-201409-04.xml
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66896
http://rhn.redhat.com/errata/RHSA-2014-0522.html
http://rhn.redhat.com/errata/RHSA-2014-0536.html
http://rhn.redhat.com/errata/RHSA-2014-0537.html
http://rhn.redhat.com/errata/RHSA-2014-0702.html
http://security.gentoo.org/glsa/glsa-201409-04.xml
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
http://www.securityfocus.com/bid/66896