Vulnerability Details : CVE-2012-1688

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.61 and earlier, and 5.5.21 and earlier, allows remote authenticated users to affect availability, related to Server DML.

Published 2012-05-03 22:55:02

Updated 2022-08-26 20:31:51

Source Oracle

View at NVD, CVE.org

Threat overview for CVE-2012-1688

Top countries where our scanners detected CVE-2012-1688

Top open port discovered on systems with this issue 3306

IPs affected by CVE-2012-1688 21,871

Threat actors abusing to this issue? Yes

Find out if you^* are affected by CVE-2012-1688!

^*Directly or indirectly through your vendors, service providers and 3rd parties. Powered by attack surface intelligence from SecurityScorecard.

Exploit prediction scoring system (EPSS) score for CVE-2012-1688

Probability of exploitation activity in the next 30 days: 0.35%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 68 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2012-1688

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Source
4.0	MEDIUM	AV:N/AC:L/Au:S/C:N/I:N/A:P	8.0	2.9	nvd@nist.gov
Access Vector: Network Access Complexity: Low Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2012-1688

http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html

Oracle Critical Patch Update - April 2012
Vendor Advisory

CVEs referencing this url
http://www.mandriva.com/security/advisories?name=MDVSA-2013:150

mandriva.com
Broken Link

CVEs referencing this url
http://www.securityfocus.com/bid/53067

Oracle MySQL CVE-2012-1688 Remote MySQL Server Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id?1026934

MySQL Multiple Bugs Let Remote Users Deny Service - SecurityTracker
Broken Link;Third Party Advisory;VDB Entry

CVEs referencing this url
http://security.gentoo.org/glsa/glsa-201308-06.xml

MySQL: Multiple vulnerabilities (GLSA 201308-06) — Gentoo security
Third Party Advisory

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2012-1462.html

RHSA-2012:1462 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url

Products affected by CVE-2012-1688

Redhat » Enterprise Linux Desktop » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Eus » Version: 6.3
cpe:2.3:o:redhat:enterprise_linux_eus:6.3:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Server » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux Workstation » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql
Versions from including (>=) 5.5.0 and up to, including, (<=) 5.5.21
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql
Versions from including (>=) 5.1.0 and up to, including, (<=) 5.1.61
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Matching versions
Mariadb » Mariadb
Versions from including (>=) 5.5.0 and before (<) 5.5.22
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Matching versions
Mariadb » Mariadb
Versions from including (>=) 5.1.0 and before (<) 5.1.62
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Matching versions