IBM Security Guardium is affected by Open Source Oracle MySQL Vulnerabilities.
IBM Security Guardium addressed these issues
CVEID: CVE-2016-0639**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Pluggable Authentication component has complete confidentiality impact, complete integrity impact, and complete availability impact.
CVSS Base Score: 10
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112471> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:C/I:C/A:C)
CVEID: CVE-2016-0640**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component has no confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 4.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112472> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:P)
CVEID: CVE-2016-0641**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: MyISAM component has partial confidentiality impact, no integrity impact, and partial availability impact.
CVSS Base Score: 4.9
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112473> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:P)
CVEID: CVE-2016-0644**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: DDL component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112476> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0642**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Federated component has no confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 4.3
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112474> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:M/C:N/I:P/A:P)
CVEID: CVE-2016-0643**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote attacker to obtain sensitive information resulting in a partial confidentiality impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112475> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:N/A:N)
CVEID: CVE-2016-0646**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112477> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0647**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: FTS component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112478> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0648**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: PS component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112479> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0649**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: PS component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112480> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0652**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: DML component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112482> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0653**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: FTS component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112483> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0654**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: InnoDB component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112484> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0655**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: InnoDB component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112485> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0656**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: InnoDB component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112486> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0657**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: JSON component could allow a remote attacker to obtain sensitive information resulting in a partial confidentiality impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112487> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:P/I:N/A:N)
CVEID: CVE-2016-0658**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112488> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0659**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112490> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0661**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Options component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112491> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0662**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Partition component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112492> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0650**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Replication component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 4
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112481> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0651**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Optimizer component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112489> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0663**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Performance Schema component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112493> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0665**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Encryption component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112494> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0666**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Security: Privileges component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 3.5
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112495> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)
CVEID: CVE-2016-0667**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: Locking component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 2.8
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112496> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:M/C:N/I:N/A:P)
CVEID: CVE-2016-0668**
DESCRIPTION:** An unspecified vulnerability in Oracle MySQL Server related to the Server: InnoDB component could allow a remote attacker to cause a denial of service resulting in a partial availability impact using unknown attack vectors.
CVSS Base Score: 1.7
CVSS Temporal Score: See <https://exchange.xforce.ibmcloud.com/vulnerabilities/112497> for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:M/C:N/I:N/A:P)
IBM Security Guardium V9.0, 9.1, 9.5
IBM Security Guardium V10.0, 10.0.1, 10.1, 10.1.2
Product
| VRMF| Remediation/First Fix
—|—|—
IBM Security Guardium| 9x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_9.0p6023_SecurityUpdate&includeSupersedes=0&source=fc
IBM Security Guardium| 10x| https://www-945.ibm.com/support/fixcentral/swg/selectFixes?product=ibm/Information+Management/InfoSphere+Guardium&release=All&platform=All&function=fixId&fixids=SqlGuard_10.0p6023_SecurityUpdate&includeSupersedes=0&source=fc
None