CVE-2014-2440

2014-04-1602:55:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2014-2440

mysql

oracle

vulnerability

nvd

remote attackers

confidentiality

integrity

availability

4.3 Medium

AI Score

Confidence

High

5.1 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

HIGH

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:H/Au:N/C:P/I:P/A:P

0.02 Low

EPSS

Percentile

88.8%

JSON

Unspecified vulnerability in the MySQL Client component in Oracle MySQL 5.5.36 and earlier and 5.6.16 and earlier allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors.

CPENameOperatorVersion
oracle:mysqloracle mysqlle5.6.16
oracle:mysqloracle mysqlle5.5.36
oracle:solarisoracle solariseq11.3
mariadb:mariadbmariadblt5.5.37
mariadb:mariadbmariadblt10.0.11
redhat:enterprise_linux_desktopredhat enterprise linux desktopeq7.0
redhat:enterprise_linux_serverredhat enterprise linux servereq5.0
redhat:enterprise_linux_workstationredhat enterprise linux workstationeq7.0
redhat:enterprise_linux_serverredhat enterprise linux servereq7.0
redhat:enterprise_linux_workstationredhat enterprise linux workstationeq5.0

CPE	Name	Operator	Version
oracle:mysql	oracle mysql	le	5.6.16
oracle:mysql	oracle mysql	le	5.5.36
oracle:solaris	oracle solaris	eq	11.3
mariadb:mariadb	mariadb	lt	5.5.37
mariadb:mariadb	mariadb	lt	10.0.11
redhat:enterprise_linux_desktop	redhat enterprise linux desktop	eq	7.0
redhat:enterprise_linux_server	redhat enterprise linux server	eq	5.0
redhat:enterprise_linux_workstation	redhat enterprise linux workstation	eq	7.0
redhat:enterprise_linux_server	redhat enterprise linux server	eq	7.0
redhat:enterprise_linux_workstation	redhat enterprise linux workstation	eq	5.0