CVE-2016-3471 Details

CVE-2016-3471

Published: 2016-07-21
Last Modified: 2019-04-22
CVE Author: NIST National Vulnerability Database
CVE Assigner: cve@mitre.org
Summary

Unspecified vulnerability in Oracle MySQL 5.5.45 and earlier and 5.6.26 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Option.

Analysis
Common Vulnerability Score System v2.0
Severity High
Base Score 7.1/10
Exploit Score 3.9/10
Access Vector Network
Access Complexity High
Authentication Single
Impact Score 10/10
Confidentiality Impact Complete
Availability Impact Complete
Integrity Impact Complete
Vector String AV:N/AC:H/Au:S/C:C/I:C/A:C
Common Vulnerability Score System v3.1
Severity High
Base Score 7.5/10
Exploit Score 0.8/10
Access Vector Local
Access Complexity High
Privileges Required High
Impact Score 6/10
Confidentiality Impact High
Availability Impact High
Integrity Impact High
Scope Changed
User Interaction None
Vector String CVSS:3.0/AV:L/AC:H/PR:H/UI:N/S:C/C:H/I:H/A:H
Products Reported
CPE Vulnerable Start Excluding
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* Yes 5.5.0 -
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* Yes 5.6.0 -
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* Yes - -
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* Yes - -
References

http://rhn.redhat.com/errata/RHSA-2016-0534.html
http://rhn.redhat.com/errata/RHSA-2016-0705.html
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1481.html
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
http://www.securityfocus.com/bid/91787
http://www.securityfocus.com/bid/91913
http://www.securitytracker.com/id/1036362
https://access.redhat.com/errata/RHSA-2016:1132

CVE ID
CVE-2016-3471
Published
2016-07-21
Modified
2019-04-22
CVSSv2.0
High
CVSSv3.1
High
PCI Compliance
Fail
US-CERT Alert
No
CWE
CWE Pending

You never have to pay for a vulnerability scanning and management software again.

Tired of paying a subscription 'per asset' or 'per IP'? Well you can officially cancel your current subscription. Mageni provides a free, open source and enterprise-ready vulnerability scanning and management platform which helps you to find, prioritize, remediate and manage your vulnerabilities.