CVE-2016-0607 : Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows re

Unspecified vulnerability in Oracle MySQL 5.6.27 and earlier and 5.7.9 allows remote authenticated users to affect availability via unknown vectors related to replication.

Published 2016-01-21 03:02:34

Updated 2019-04-22 17:48:01

Source Oracle

View at NVD, CVE.org

Products affected by CVE-2016-0607

Redhat » Enterprise Linux » Version: 6.0
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
Matching versions
Redhat » Enterprise Linux » Version: 7.0
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql
Versions up to, including, (<=) 5.6.27
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Matching versions
Oracle » Mysql » Version: 5.7.9
cpe:2.3:a:oracle:mysql:5.7.9:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.04
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 15.10
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 12.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
Matching versions
Canonical » Ubuntu Linux » Version: 14.04 LTS Edition
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.2
cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*
Matching versions
Opensuse » Opensuse » Version: 13.1
cpe:2.3:o:opensuse:opensuse:13.1:*:*:*:*:*:*:*
Matching versions
Opensuse » Leap » Version: 42.1
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-0607

EPSS FAQ

0.35%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 72 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-0607

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source	First Seen
2.8	LOW	AV:N/AC:M/Au:M/C:N/I:N/A:P	5.5	2.9	NIST
Access Vector: Network Access Complexity: Medium Authentication: Multiple Confidentiality Impact: None Integrity Impact: None Availability Impact: Partial

References for CVE-2016-0607

http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html

Oracle Critical Patch Update - January 2016
Vendor Advisory

CVEs referencing this url
http://www.ubuntu.com/usn/USN-2881-1

USN-2881-1: MySQL vulnerabilities | Ubuntu security notices
Third Party Advisory

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00016.html

[security-announce] openSUSE-SU-2016:0377-1: important: Security update
Third Party Advisory

CVEs referencing this url
http://www.securitytracker.com/id/1034708

MySQL Multiple Bugs Let Remote Users Access Data and Deny Service, Remote Authenticated Users Modify Data, and Local Users Gain Elevated Privileges - SecurityTracker
Third Party Advisory;VDB Entry

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-02/msg00015.html

[security-announce] openSUSE-SU-2016:0367-1: important: Security update
Third Party Advisory

CVEs referencing this url
http://www.securityfocus.com/bid/81238

Oracle MySQL CVE-2016-0607 Remote Security Vulnerability
Third Party Advisory;VDB Entry
http://rhn.redhat.com/errata/RHSA-2016-0705.html

RHSA-2016:0705 - Security Advisory - Red Hat Customer Portal
Third Party Advisory

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-0607

Products affected by CVE-2016-0607

Exploit prediction scoring system (EPSS) score for CVE-2016-0607

CVSS scores for CVE-2016-0607

References for CVE-2016-0607