CVE-2015-2648

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Patch Vendor Advisory
http://www.ubuntu.com/usn/USN-2674-1	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1630.html	Third Party Advisory
http://www.debian.org/security/2015/dsa-3308	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html	Vendor Advisory
http://www.securityfocus.com/bid/75822	Third Party Advisory VDB Entry
http://rhn.redhat.com/errata/RHSA-2015-1629.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1628.html	Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html	Mailing List Third Party Advisory
https://security.gentoo.org/glsa/201610-06	Third Party Advisory
http://www.securitytracker.com/id/1032911	Third Party Advisory VDB Entry
http://www.debian.org/security/2015/dsa-3311	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1665.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1647.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1646.html	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3 (hide)

OR	cpe:2.3:o:debian:debian_linux:8.0:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Information

Published : 2015-07-16 11:00

Updated : 2019-02-05 18:12

NVD link : CVE-2015-2648

Mitre link : CVE-2015-2648

JSON object : View

Products Affected

canonical

ubuntu_linux

oracle

solaris
mysql

debian

debian_linux

CWE

NVD-CWE-noinfo

{"cve": {"data_type": "CVE", "references": {"reference_data": [{"url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "tags": ["Patch", "Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.ubuntu.com/usn/USN-2674-1", "name": "USN-2674-1", "tags": ["Third Party Advisory"], "refsource": "UBUNTU"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html", "name": "RHSA-2015:1630", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://www.debian.org/security/2015/dsa-3308", "name": "DSA-3308", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "tags": ["Vendor Advisory"], "refsource": "CONFIRM"}, {"url": "http://www.securityfocus.com/bid/75822", "name": "75822", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "BID"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1629.html", "name": "RHSA-2015:1629", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html", "name": "RHSA-2015:1628", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html", "name": "openSUSE-SU-2015:1629", "tags": ["Mailing List", "Third Party Advisory"], "refsource": "SUSE"}, {"url": "https://security.gentoo.org/glsa/201610-06", "name": "GLSA-201610-06", "tags": ["Third Party Advisory"], "refsource": "GENTOO"}, {"url": "http://www.securitytracker.com/id/1032911", "name": "1032911", "tags": ["Third Party Advisory", "VDB Entry"], "refsource": "SECTRACK"}, {"url": "http://www.debian.org/security/2015/dsa-3311", "name": "DSA-3311", "tags": ["Third Party Advisory"], "refsource": "DEBIAN"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1665.html", "name": "RHSA-2015:1665", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1647.html", "name": "RHSA-2015:1647", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}, {"url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html", "name": "RHSA-2015:1646", "tags": ["Third Party Advisory"], "refsource": "REDHAT"}]}, "data_format": "MITRE", "description": {"description_data": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}]}, "data_version": "4.0", "CVE_data_meta": {"ID": "CVE-2015-2648", "ASSIGNER": "secalert_us@oracle.com"}}, "impact": {"baseMetricV2": {"cvssV2": {"version": "2.0", "baseScore": 4.0, "accessVector": "NETWORK", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "authentication": "SINGLE", "integrityImpact": "NONE", "accessComplexity": "LOW", "availabilityImpact": "PARTIAL", "confidentialityImpact": "NONE"}, "severity": "MEDIUM", "acInsufInfo": false, "impactScore": 2.9, "obtainAllPrivilege": false, "exploitabilityScore": 8.0, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}}, "publishedDate": "2015-07-16T11:00Z", "configurations": {"nodes": [{"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.5.43", "versionStartIncluding": "5.5.0"}, {"cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true, "versionEndIncluding": "5.6.24", "versionStartIncluding": "5.6.0"}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}, {"children": [], "operator": "OR", "cpe_match": [{"cpe23Uri": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}, {"cpe23Uri": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "cpe_name": [], "vulnerable": true}]}], "CVE_data_version": "4.0"}, "lastModifiedDate": "2019-02-05T18:12Z"}