CVE-2016-5590

EUVD-2016-6534
Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). Supported versions that are affected are 3.1.3.7856 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via TLS to compromise MySQL Enterprise Monitor. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS v3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
7.2 HIGH
NETWORK
LOW
HIGH
CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H
Base Score
CVSS 3.x
EPSS Score
Percentile: 73%
Affected Products (NVD)
VendorProductVersion
oraclemysql_enterprise_monitor
𝑥
≤ 3.1.3.7856
𝑥
= Vulnerable software versions
References
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
http://www.securityfocus.com/bid/95542
http://www.securitytracker.com/id/1037640
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
http://www.securityfocus.com/bid/95542
http://www.securitytracker.com/id/1037640