CVE-2015-2620

2015-07-1610:59:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2015-2620

oracle

mysql

server

remote

authenticated

confidentiality

security

privileges

nvd

4.3 Medium

AI Score

Confidence

High

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.004 Low

EPSS

Percentile

73.9%

JSON

Unspecified vulnerability in Oracle MySQL Server 5.5.43 and earlier and 5.6.23 and earlier allows remote authenticated users to affect confidentiality via unknown vectors related to Server : Security : Privileges.

CPENameOperatorVersion
canonical:ubuntu_linuxcanonical ubuntu linuxeq12.04
debian:debian_linuxdebian debian linuxeq8.0
canonical:ubuntu_linuxcanonical ubuntu linuxeq14.10
canonical:ubuntu_linuxcanonical ubuntu linuxeq14.04
canonical:ubuntu_linuxcanonical ubuntu linuxeq15.04
oracle:solarisoracle solariseq11.3
juniper:junos_spacejuniper junos spacele15.1
oracle:mysqloracle mysqlle5.6.23
oracle:mysqloracle mysqlle5.5.43
mariadb:mariadbmariadblt5.5.44

CPE	Name	Operator	Version
canonical:ubuntu_linux	canonical ubuntu linux	eq	12.04
debian:debian_linux	debian debian linux	eq	8.0
canonical:ubuntu_linux	canonical ubuntu linux	eq	14.10
canonical:ubuntu_linux	canonical ubuntu linux	eq	14.04
canonical:ubuntu_linux	canonical ubuntu linux	eq	15.04
oracle:solaris	oracle solaris	eq	11.3
juniper:junos_space	juniper junos space	le	15.1
oracle:mysql	oracle mysql	le	5.6.23
oracle:mysql	oracle mysql	le	5.5.43
mariadb:mariadb	mariadb	lt	5.5.44