Vulnerability Details : CVE-2016-0639
Unspecified vulnerability in Oracle MySQL 5.6.29 and earlier and 5.7.11 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to Pluggable Authentication.
Products affected by CVE-2016-0639
- cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
- cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-0639
1.72%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 87 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-0639
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
10.0
|
HIGH | AV:N/AC:L/Au:N/C:C/I:C/A:C |
10.0
|
10.0
|
NIST | |
9.8
|
CRITICAL | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
3.9
|
5.9
|
NIST |
References for CVE-2016-0639
-
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cpuapr2016v3Patch;Vendor Advisory
-
http://www.securitytracker.com/id/1035606
MySQL Multiple Bugs Let Remote Users Access and Modify Data and Deny Service and Let Remote and Remote Authenticated Users Gain Elevated Privileges - SecurityTrackerThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
[security-announce] openSUSE-SU-2016:1332-1: important: Security updateMailing List;Third Party Advisory
-
http://www.ubuntu.com/usn/USN-2954-1
USN-2954-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
-
http://www.securityfocus.com/bid/86418
Oracle MySQL CVE-2016-0639 Remote Security VulnerabilityThird Party Advisory;VDB Entry
-
http://rhn.redhat.com/errata/RHSA-2016-0705.html
RHSA-2016:0705 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.ubuntu.com/usn/USN-2953-1
USN-2953-1: MySQL vulnerabilities | Ubuntu security noticesThird Party Advisory
Jump to