CVE-2016-3615

Description

Unspecified vulnerability in Oracle MySQL 5.5.49 and earlier, 5.6.30 and earlier, and 5.7.12 and earlier and MariaDB before 5.5.50, 10.0.x before 10.0.26, and 10.1.x before 10.1.15 allows remote authenticated users to affect availability via vectors related to Server: DML.

CVSS Metrics

• v3.0•MEDIUM•Score: 5.3CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H
• v2.0•MEDIUM•Score: 4.3AV:N/AC:M/Au:N/C:N/I:N/A:P

EPSS Trends

Current EPSS score: 1.85%• Percentile: 83%

Affected Systems

• canonical•ubuntu_linux

  12.04 | 14.04 | 15.10 | 16.04

• debian•debian_linux

  8.0

• ibm•powerkvm

  2.1 | 3.1

• mariadb•mariadb

  ≥ 5.5.20, < 5.5.50 | ≥ 10.0.0, < 10.0.26 | ≥ 10.1.0, < 10.1.15

• oracle•linux

  7

• oracle•mysql

  ≥ 5.5.0, ≤ 5.5.49 | ≥ 5.6.0, ≤ 5.6.30 | ≥ 5.7.0, ≤ 5.7.12

References (19)

• http://www.ubuntu.com/usn/USN-3040-1
• http://rhn.redhat.com/errata/RHSA-2016-1603.html
• http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html
• http://www.securityfocus.com/bid/91960
• http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
• http://www.debian.org/security/2016/dsa-3632
• https://mariadb.com/kb/en/mariadb/mariadb-10026-release-notes/
• http://rhn.redhat.com/errata/RHSA-2016-1480.html
• https://mariadb.com/kb/en/mariadb/mariadb-10115-release-notes/
• http://rhn.redhat.com/errata/RHSA-2016-1601.html
• http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168
• http://www.securitytracker.com/id/1036362
• http://lists.opensuse.org/opensuse-updates/2016-09/msg00042.html
• http://www.debian.org/security/2016/dsa-3624
• http://rhn.redhat.com/errata/RHSA-2016-1637.html
• http://rhn.redhat.com/errata/RHSA-2016-1602.html
• https://mariadb.com/kb/en/mariadb/mariadb-5550-release-notes/
• http://www.securityfocus.com/bid/91787
• http://rhn.redhat.com/errata/RHSA-2016-1604.html