CVE-2016-0642 :: Enginsight Vulnerability Database

Provider	Type	Base Score	Atk. Vector	Atk. Complexity	Priv. Required	Vector
NIST	Primary	4.7 MEDIUM	LOCAL	HIGH	HIGH	CVSS:3.1/AV:L/AC:H/PR:H/UI:N/S:U/C:N/I:L/A:H

Base Score

CVSS 3.x

EPSS Score

Percentile: 58%

Affected Products (NVD)

Vendor	Product	Version
oracle	mysql	5.5.0 ≤ 𝑥 ≤ 5.5.48
oracle	mysql	5.6.0 ≤ 𝑥 ≤ 5.6.29
oracle	mysql	5.7.0 ≤ 𝑥 ≤ 5.7.11
opensuse	leap	42.1
opensuse	opensuse	13.2
redhat	enterprise_linux_desktop	7.0
redhat	enterprise_linux_eus	7.2
redhat	enterprise_linux_eus	7.3
redhat	enterprise_linux_eus	7.4
redhat	enterprise_linux_eus	7.5
redhat	enterprise_linux_eus	7.6
redhat	enterprise_linux_eus	7.7
redhat	enterprise_linux_server	7.0
redhat	enterprise_linux_server_aus	7.2
redhat	enterprise_linux_server_aus	7.3
redhat	enterprise_linux_server_aus	7.4
redhat	enterprise_linux_server_aus	7.6
redhat	enterprise_linux_server_aus	7.7
redhat	enterprise_linux_server_tus	7.2
redhat	enterprise_linux_server_tus	7.3
redhat	enterprise_linux_server_tus	7.6
redhat	enterprise_linux_server_tus	7.7
redhat	enterprise_linux_workstation	7.0
mariadb	mariadb	5.5.0 ≤ 𝑥 < 5.5.47
mariadb	mariadb	10.0.0 ≤ 𝑥 < 10.0.23
mariadb	mariadb	10.1.0 ≤ 𝑥 < 10.1.10
debian	debian_linux	8.0
canonical	ubuntu_linux	12.04
canonical	ubuntu_linux	14.04
canonical	ubuntu_linux	15.10
canonical	ubuntu_linux	16.04

𝑥

= Vulnerable software versions

Ubuntu Releases

Ubuntu Product

Codename

mariadb-10.0

artful	dne
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	dne
wily	Fixed 10.0.23-0ubuntu0.15.10.1 released
xenial	not-affected
yakkety	not-affected
zesty	dne

mariadb-5.5

artful	dne
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	Fixed 5.5.47-1ubuntu0.14.04.1 released
wily	dne
xenial	dne
yakkety	dne
zesty	dne

mysql-5.5

artful	dne
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	Fixed 5.5.49-0ubuntu0.12.04.1 released
trusty	Fixed 5.5.49-0ubuntu0.14.04.1 released
vivid	dne
wily	dne
xenial	dne
yakkety	dne
zesty	dne

mysql-5.6

artful	dne
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	Fixed 5.6.30-0ubuntu0.14.04.1 released
wily	Fixed 5.6.30-0ubuntu0.15.10.1 released
xenial	dne
yakkety	dne
zesty	dne

mysql-5.7

artful	Fixed 5.7.13-0ubuntu4 released
bionic	Fixed 5.7.13-0ubuntu4 released
cosmic	Fixed 5.7.13-0ubuntu4 released
disco	Fixed 5.7.13-0ubuntu4 released
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	dne
wily	dne
xenial	Fixed 5.7.12-0ubuntu1 released
yakkety	Fixed 5.7.13-0ubuntu4 released
zesty	Fixed 5.7.13-0ubuntu4 released

mysql-8.0

bionic	dne
disco	dne
eoan	not-affected
focal	not-affected
groovy	not-affected
hirsute	not-affected
impish	not-affected
jammy	not-affected
kinetic	not-affected
lunar	not-affected
mantic	not-affected
noble	not-affected
trusty	dne
xenial	dne

percona-server-5.6

artful	ignored
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	dne
wily	ignored
xenial	needed
yakkety	ignored
zesty	ignored

percona-xtradb-cluster-5.5

artful	dne
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	dne
wily	dne
xenial	dne
yakkety	dne
zesty	dne

percona-xtradb-cluster-5.6

artful	not-affected
bionic	dne
cosmic	dne
disco	dne
eoan	dne
focal	dne
groovy	dne
hirsute	dne
impish	dne
jammy	dne
kinetic	dne
lunar	dne
mantic	dne
noble	dne
precise	dne
trusty	dne
wily	ignored
xenial	Fixed 5.6.34-26.19-0ubuntu0.16.04.1 released
yakkety	Fixed 5.6.34-26.19-0ubuntu0.16.10.1 released
zesty	not-affected

References

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2016/dsa-3557

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.securityfocus.com/bid/86445

http://www.securitytracker.com/id/1035606

http://www.ubuntu.com/usn/USN-2953-1

http://www.ubuntu.com/usn/USN-2954-1

https://access.redhat.com/errata/RHSA-2016:1132

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html

http://rhn.redhat.com/errata/RHSA-2016-0534.html

http://rhn.redhat.com/errata/RHSA-2016-0705.html

http://rhn.redhat.com/errata/RHSA-2016-1480.html

http://rhn.redhat.com/errata/RHSA-2016-1481.html

http://www.debian.org/security/2016/dsa-3557

http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html

http://www.securityfocus.com/bid/86445

http://www.securitytracker.com/id/1035606

http://www.ubuntu.com/usn/USN-2953-1

http://www.ubuntu.com/usn/USN-2954-1

https://access.redhat.com/errata/RHSA-2016:1132