Vulnerability Details : CVE-2016-0616
Unspecified vulnerability in Oracle MySQL 5.5.46 and earlier and MariaDB before 5.5.47, 10.0.x before 10.0.23, and 10.1.x before 10.1.10 allows remote authenticated users to affect availability via unknown vectors related to Optimizer.
Products affected by CVE-2016-0616
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_hpc_node_eus:7.2:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
- cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
- cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.19:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.18:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.11:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.10:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.8:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.21:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.20:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.13:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.12:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.15:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.14:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.4:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.3:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.2:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.17:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.16:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.9:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.1.9:*:*:*:*:*:*:*
- cpe:2.3:a:mariadb:mariadb:10.0.22:*:*:*:*:*:*:*
Threat overview for CVE-2016-0616
Top countries where our scanners detected CVE-2016-0616
Top open port discovered on systems with this issue
3306
IPs affected by CVE-2016-0616 394,318
Threat actors abusing to this issue?
Yes
Find out if you* are
affected by CVE-2016-0616!
*Directly or indirectly through your vendors, service providers and 3rd parties.
Powered by
attack surface intelligence
from SecurityScorecard.
Exploit prediction scoring system (EPSS) score for CVE-2016-0616
0.29%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 69 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-0616
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.0
|
MEDIUM | AV:N/AC:L/Au:S/C:N/I:N/A:P |
8.0
|
2.9
|
NIST |
References for CVE-2016-0616
-
http://rhn.redhat.com/errata/RHSA-2016-1481.html
RHSA-2016:1481 - Security Advisory - Red Hat Customer Portal
-
http://www.oracle.com/technetwork/topics/security/cpujan2016-2367955.html
Oracle Critical Patch Update - January 2016Vendor Advisory
-
http://www.ubuntu.com/usn/USN-2881-1
USN-2881-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://mariadb.com/kb/en/mdb-10023-rn/
MariaDB 10.0.23 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
[security-announce] openSUSE-SU-2016:1664-1: important: Security update
-
http://www.debian.org/security/2016/dsa-3459
Debian -- Security Information -- DSA-3459-1 mysql-5.5
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
[security-announce] SUSE-SU-2016:1620-1: important: Security update for
-
http://www.securitytracker.com/id/1034708
MySQL Multiple Bugs Let Remote Users Access Data and Deny Service, Remote Authenticated Users Modify Data, and Local Users Gain Elevated Privileges - SecurityTracker
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Oracle Solaris Bulletin - April 2016Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-0534.html
RHSA-2016:0534 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
[security-announce] SUSE-SU-2016:1619-1: important: Security update for
-
https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/
MariaDB 10.1.10 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Oracle Linux Bulletin - April 2016Vendor Advisory
-
https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/
MariaDB 5.5.47 Release Notes - MariaDB Knowledge BaseVendor Advisory
-
https://access.redhat.com/errata/RHSA-2016:1132
RHSA-2016:1132 - Security Advisory - Red Hat Customer Portal
-
http://www.securityfocus.com/bid/81176
Oracle MySQL CVE-2016-0616 Remote Security Vulnerability
-
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
[security-announce] openSUSE-SU-2016:1686-1: important: Security updateThird Party Advisory
-
http://rhn.redhat.com/errata/RHSA-2016-1480.html
RHSA-2016:1480 - Security Advisory - Red Hat Customer Portal
-
http://www.debian.org/security/2016/dsa-3453
Debian -- Security Information -- DSA-3453-1 mariadb-10.0Patch;Third Party Advisory
Jump to