May 10, 2016 - 12:00 a.m.

K44611310 : MySQL vulnerability CVE-2015-0411

my.f5.com

AI Score: 8.4 High (Confidence: High)

EPSS: 0.008 Low (Percentile: 81.3%)

Security Advisory Description

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption. (CVE-2015-0411)
Impact
Through undisclosed mechanisms, this vulnerability may allow a remote, unauthorized attacker to gain read and write access to MySQL, escalate privileges, or cause a denial of service (DoS) of the MySQL service, potentially stopping critical data plane services.
However, the BIG-IP and Enterprise Manager systems have default mitigations in place through local user authentication requirements and tcp_wrappers (BIG-IP 10.x/Enterprise Manager 2.x) and iptables (BIG-IP 11.x/Enterprise Manager 3.x) that downgrade the access vector for this vulnerability to local, authenticated users.
Important: Enabling the Remote Access feature on Enterprise Manager will modify the tcp_wrappers (2.x) and iptables (3.x) rules to allow database access. As a result, the access vector for this vulnerability is upgraded back to remote and unauthenticated. The Enterprise Manager Remote Access feature is disabled by default. If you have enabled the Remote Access feature, refer to the Disabling the Remote Access feature procedure in the **Security Advisory Recommended Actions** section.