CVE-2015-4858 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	NIST	4 UNKNOWN	NETWORK	LOW		AV:N/AC:L/Au:S/C:N/I:N/A:P
oracle	CNA	---				---
CVE	ADP	---				---

Base Score

CVSS 3.x

EPSS Score

Percentile: 59%

Vendor	Product	Version
oracle	solaris	11.3
opensuse	leap	42.1
opensuse	opensuse	13.1
opensuse	opensuse	13.2
oracle	mysql	5.5.0 ≤ 𝑥 ≤ 5.5.45
oracle	mysql	5.6.0 ≤ 𝑥 ≤ 5.6.26
mariadb	mariadb	5.5.0 ≤ 𝑥 < 5.5.46
mariadb	mariadb	10.0.0 ≤ 𝑥 < 10.0.22
mariadb	mariadb	10.1.0 ≤ 𝑥 < 10.1.8
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.04
canonical	ubuntu_linux	15.10
debian	debian_linux	7.0
debian	debian_linux	8.0
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	7.1
redhat	enterprise_linux_eus	7.2
redhat	enterprise_linux_eus	7.3
redhat	enterprise_linux_eus	7.4
redhat	enterprise_linux_eus	7.5
redhat	enterprise_linux_eus	7.6
redhat	enterprise_linux_eus	7.7
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	7.3
redhat	enterprise_linux_server_aus	7.4
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_aus	7.7
redhat	enterprise_linux_server_tus	7.3
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_server_tus	7.7
redhat	enterprise_linux_workstation	7.0

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

mariadb-10.0

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	Fixed 10.0.22-0ubuntu1 released
xenial	Fixed 10.0.22-0ubuntu1 released
wily	Fixed 10.0.22-0ubuntu0.15.10.1 released
vivid	Fixed 10.0.22-0ubuntu0.15.04.1 released
trusty	dne
precise	dne

mariadb-5.5

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
trusty	Fixed 5.5.46-1ubuntu0.14.04.2 released
precise	dne

mysql-5.5

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
trusty	Fixed 5.5.46-0ubuntu0.14.04.2 released
precise	Fixed 5.5.46-0ubuntu0.12.04.2 released

mysql-5.6

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	Fixed 5.6.27-0ubuntu1 released
vivid	Fixed 5.6.27-0ubuntu0.15.04.1 released
trusty	Fixed 5.6.27-0ubuntu0.14.04.1 released
precise	dne

percona-server-5.6

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	ignored
zesty	ignored
yakkety	ignored
xenial	needed
wily	ignored
vivid	ignored
trusty	dne
precise	dne

percona-xtradb-cluster-5.5

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	dne
zesty	dne
yakkety	dne
xenial	dne
wily	dne
vivid	dne
trusty	dne
precise	dne

percona-xtradb-cluster-5.6

noble	dne
mantic	dne
jammy	dne
impish	dne
hirsute	dne
groovy	dne
focal	dne
eoan	dne
disco	dne
cosmic	dne
bionic	dne
artful	not-affected
zesty	not-affected
yakkety	Fixed 5.6.34-26.19-0ubuntu0.16.10.1 released
xenial	Fixed 5.6.34-26.19-0ubuntu0.16.04.1 released
wily	ignored
vivid	ignored
trusty	dne
precise	dne

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2015/dsa-3377

http://www.debian.org/security/2015/dsa-3385

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securityfocus.com/bid/77145

http://www.securitytracker.com/id/1033894

http://www.ubuntu.com/usn/USN-2781-1

https://access.redhat.com/errata/RHSA-2016:1132

https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00010.html

http://lists.opensuse.org/opensuse-security-announce/2015-12/msg00011.html

http://lists.opensuse.org/opensuse-updates/2016-02/msg00039.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2015/dsa-3377

http://www.debian.org/security/2015/dsa-3385

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

http://www.securityfocus.com/bid/77145

http://www.securitytracker.com/id/1033894

http://www.ubuntu.com/usn/USN-2781-1

https://access.redhat.com/errata/RHSA-2016:1132

https://www.suse.com/support/update/announcement/2016/suse-su-20160296-1.html