CVE-2015-4895 : Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remot

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Published 2015-10-21 23:59:56

Updated 2022-09-20 20:26:29

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2015-4895

Debian » Debian Linux » Version: 8.0
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql
Versions from including (>=) 5.6.0 and up to, including, (<=) 5.6.25
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 ESM Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:esm:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.04
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Matching versions
Fedoraproject » Fedora » Version: 23
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
Matching versions
Mariadb » Mariadb
Versions from including (>=) 10.1.0 and before (<) 10.1.8
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Matching versions
Mariadb » Mariadb
Versions from including (>=) 10.0.0 and before (<) 10.0.21
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2015-4895

EPSS FAQ

0.38%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 73 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2015-4895

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
3.5	LOW	AV:N/AC:M/Au:S/C:N/I:N/A:P	6.8	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Single Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2015-4895

http://www.ubuntu.com/usn/USN-2781-1

USN-2781-1: MySQL vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/77136

Oracle MySQL Server CVE-2015-4895 Remote Security Vulnerability
Third Party Advisory;VDB Entry
http://www.securitytracker.com/id/1033894

MySQL Multiple Bugs Let Remote Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Gain Elevated Privileges - SecurityTracker
Broken Link;Third Party Advisory;VDB Entry

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.html

[SECURITY] Fedora 23 Update: mariadb-10.0.23-1.fc23
Mailing List;Third Party Advisory

CVEs referencing this url
http://www.debian.org/security/2015/dsa-3385

Debian -- Security Information -- DSA-3385-1 mariadb-10.0
Third Party Advisory

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1132

RHSA-2016:1132 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

Oracle Critical Patch Update - October 2015
Vendor Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2015-4895

Products affected by CVE-2015-4895

Exploit prediction scoring system (EPSS) score for CVE-2015-4895

CVSS scores for CVE-2015-4895

References for CVE-2015-4895