Vulnerability Details : CVE-2016-0644
Unspecified vulnerability in Oracle MySQL 5.5.47 and earlier, 5.6.28 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.48, 10.0.x before 10.0.24, and 10.1.x before 10.1.12 allows local users to affect availability via vectors related to DDL.
Threat overview for CVE-2016-0644
Top countries where our scanners detected CVE-2016-0644
Top open port discovered on systems with this issue
53
IPs affected by CVE-2016-0644 129,617
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-0644!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-0644
Probability of exploitation activity in the next 30 days: 0.04%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 8 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2016-0644
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
|
5.5
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H |
1.8
|
3.6
|
NIST |
References for CVE-2016-0644
-
http://rhn.redhat.com/errata/RHSA-2016-1481.html
RHSA-2016:1481 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
IBM Security Bulletin: Multiple vulnerabilities in mariadb affect PowerKVMThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html
[security-announce] SUSE-SU-2016:1279-1: important: Security update forMailing List;Third Party Advisory
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1035606
MySQL Multiple Bugs Let Remote Users Access and Modify Data and Deny Service and Let Remote and Remote Authenticated Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
[security-announce] openSUSE-SU-2016:1664-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
[security-announce] SUSE-SU-2016:1620-1: important: Security update forMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
[security-announce] openSUSE-SU-2016:1332-1: important: Security updateMailing List;Third Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
[security-announce] SUSE-SU-2016:1619-1: important: Security update forMailing List;Third Party Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-10112-release-notes/
MariaDB 10.1.12 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-5548-release-notes/
MariaDB 5.5.48 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://www.securityfocus.com/bid/86442
Oracle MySQL CVE-2016-0644 Remote Security VulnerabilityThird Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2016-1602.html
RHSA-2016:1602 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.debian.org/security/2016/dsa-3595
Debian -- Security Information -- DSA-3595-1 mariadb-10.0Third Party Advisory
-
http://www.debian.org/security/2016/dsa-3557
Debian -- Security Information -- DSA-3557-1 mysql-5.5Third Party Advisory
-
https://access.redhat.com/errata/RHSA-2016:1132
RHSA-2016:1132 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-0705.html
RHSA-2016:0705 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-10024-release-notes/
MariaDB 10.0.24 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
[security-announce] openSUSE-SU-2016:1686-1: important: Security updateThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2953-1
USN-2953-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
Oracle Linux Bulletin - July 2016Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-1480.html
RHSA-2016:1480 - Security Advisory - Red Hat Customer PortalThird Party Advisory
Products affected by CVE-2016-0644
- cpe:2.3:a:ibm:powerkvm:3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ibm:powerkvm:2.1:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*