Lucene search

[email protected]CVE-2016-3452

HistoryJul 21, 2016 - 10:12 a.m.

CVE-2016-3452

2016-07-2110:12:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

cve-2016-3452

unspecified vulnerability

oracle mysql

mariadb

remote attack

confidentiality

security encryption

nvd

3.7 Low

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

NONE

Availability Impact

NONE

CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N

4.8 Medium

AI Score

Confidence

Low

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

NONE

AV:N/AC:M/Au:N/C:P/I:N/A:N

0.005 Low

EPSS

Percentile

75.8%

JSON

Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.

CPENameOperatorVersion
redhat:enterprise_linuxredhat enterprise linuxeq7.0
redhat:enterprise_linuxredhat enterprise linuxeq6.0
oracle:mysqloracle mysqlle5.6.29
oracle:mysqloracle mysqlle5.7.10
oracle:mysqloracle mysqlle5.5.48
mariadb:mariadbmariadblt5.5.49
mariadb:mariadbmariadblt10.0.25
mariadb:mariadbmariadblt10.1.14
ibm:powerkvmibm powerkvmeq3.1
ibm:powerkvmibm powerkvmeq2.1

CPE	Name	Operator	Version
redhat:enterprise_linux	redhat enterprise linux	eq	7.0
redhat:enterprise_linux	redhat enterprise linux	eq	6.0
oracle:mysql	oracle mysql	le	5.6.29
oracle:mysql	oracle mysql	le	5.7.10
oracle:mysql	oracle mysql	le	5.5.48
mariadb:mariadb	mariadb	lt	5.5.49
mariadb:mariadb	mariadb	lt	10.0.25
mariadb:mariadb	mariadb	lt	10.1.14
ibm:powerkvm	ibm powerkvm	eq	3.1
ibm:powerkvm	ibm powerkvm	eq	2.1