PT-2015-6683 · Oracle+5 · Mysql Server+5

Published

2015-07-16

Updated

2019-02-12

CVE-2015-4737

CVSS v2.0

3.5

Low

Vector

AV:N/AC:M/Au:S/C:P/I:N/A:N

Name of the Vulnerable Software and Affected Versions Oracle MySQL Server versions 5.5.43 and earlier Oracle MySQL Server versions 5.6.23 and earlier

Description The issue affects confidentiality and is related to the Server: Pluggable Auth component. It can be exploited by remote authenticated users via unknown vectors.

Recommendations For Oracle MySQL Server versions 5.5.43 and earlier, update to a version later than 5.5.43. For Oracle MySQL Server versions 5.6.23 and earlier, update to a version later than 5.6.23.

Exploit

Fix

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Related Identifiers

ALT-PU-2016-2238

CESA-2015_1665

CVE-2015-4737

DLA-359-1

DSA-3308-1

MGASA-2015-0279

RHSA-2015:1628

RHSA-2015:1629

RHSA-2015:1630

RHSA-2015:1646

RHSA-2015:1647

RHSA-2015:1665

RHSA-2015_1628

RHSA-2015_1665

SUSE-SU-2015:1788-1

USN-2674-1

Affected Products

Alt Linux

Centos

Mysql Server

Red Hat

Suse

Ubuntu

PT-2015-6683 · Oracle+5 · Mysql Server+5

CVE-2015-4737

Related Identifiers

Affected Products

References · 258