7.5 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
InfoSphere Guardium Database Activity Monitoring vulnerable to the following Oracle MySQL vulnerabilties (CVE-2014-6464, CVE-2014-6469, CVE-2014-6491, CVE-2014-6494, CVE-2014-6495, CVE-2014-6496, CVE-2014-6500, CVE-2014-6555, CVE-2014-6559)
CVEID: CVE-2014-6464 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:INNODB DML FOREIGN KEYS component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97188 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)
CVEID: CVE-2014-6469 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:OPTIMIZER component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 6.8
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97176 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:C)
CVEID: CVE-2014-6491 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:SSL:yaSSL component has partial confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97174 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2014-6494 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the CLIENT:SSL:yaSSL component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97181 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-6495 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:SSL:yaSSL component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97183 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-6496 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the CLIENT:SSL:yaSSL component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97182 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:N/I:N/A:P)
CVEID: CVE-2014-6500 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:SSL:yaSSL component has partial confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 7.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97175 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)
CVEID: CVE-2014-6555 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the SERVER:DML component has partial confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97178 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)
CVEID: CVE-2014-6559 DESCRIPTION: An unspecified vulnerability in Oracle MySQL Server related to the C API SSL CERTIFICATE HANDLING component could allow a remote attacker to obtain sensitive information.
CVSS Base Score: 4.3
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/97180 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:N/C:P/I:N/A:N)
Database Activity Monitoring, V9.0 64 bit, V9.1 64 bit
Product
| VRMF| APAR| Remediation/First Fix
—|—|—|—
InfoSphere Guardium Database Activity Monitoring| V9.0 64 bit | None| http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Guardium&release=9.0&platform=Linux&function=fixId&fixids=SqlGuard-9.0p6004_Advisory_2239&includeSupersedes=0
InfoSphere Guardium Database Activity Monitoring| V9.1 64 bit | None| http://www-933.ibm.com/support/fixcentral/swg/selectFixes?parent=ibm~Information%2BManagement&product=ibm/Information+Management/InfoSphere+Guardium&release=9.0&platform=Linux&function=fixId&fixids=SqlGuard-9.0p6004_Advisory_2239&includeSupersedes=0
CPE | Name | Operator | Version |
---|---|---|---|
ibm security guardium | eq | 9.1 | |
ibm security guardium | eq | 9.0 |