9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.944 High
EPSS
Percentile
99.2%
04/19/2016
Critical
An unspecified vulnerabilities were found in Oracle MySQL Server. By exploiting these vulnerabilities malicious users can cause denial of service and loss of integrity or obtain sensitive information. These vulnerabilities can be exploited remotely via a vectors related to Packaging, Pluggable Authentication, Security: Encryption, DML, Connection Handling, DDL, FTS, InnoDB, JSON, Optimizer, PS, Partition, Replication, Security: Privileges, MyISAM, Federated, Options, Performance Schema and Locking.
Oracle MySQL Server 5.6 versions earlier than 5.6.30
Oracle MySQL Server 5.7 versions earlier than 5.7.12
Update to the latest version
MySQL downloads
ACE
CVE-2016-20475.9High
CVE-2016-06655.5High
CVE-2016-06665.5High
CVE-2016-06565.5High
CVE-2016-06554.7Warning
CVE-2016-06545.5High
CVE-2016-06535.5High
CVE-2016-06525.5High
CVE-2016-06515.5High
CVE-2016-06505.5High
CVE-2016-06495.5High
CVE-2016-06585.5High
CVE-2016-06575.5High
CVE-2016-06475.5High
CVE-2016-07059.8Critical
CVE-2016-06424.7Warning
CVE-2016-06433.3Warning
CVE-2016-06445.5High
CVE-2016-06614.7Warning
CVE-2016-06674.4Warning
CVE-2016-06399.8Critical
CVE-2016-06406.1High
CVE-2016-06415.1High
CVE-2015-31947.5Critical
CVE-2016-06485.5High
CVE-2016-06625.5High
CVE-2016-06634.7Warning
CVE-2016-06595.5High
CVE-2016-06465.5High
CVE-2016-06684.1Warning
Public exploits exist for this vulnerability.
www.mysql.com/downloads/
www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html#AppendixMSQL
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-3194
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0639
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0640
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0641
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0642
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0643
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0644
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0646
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0647
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0648
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0649
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0650
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0651
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0652
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0653
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0654
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0655
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0656
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0657
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0658
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0659
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0661
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0662
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0663
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0665
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0666
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0667
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0668
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047
statistics.securelist.com/vulnerability-scan/month
threats.kaspersky.com/en/product/Oracle-MySQL/
9.8 High
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
6.4 Medium
AI Score
Confidence
Low
10 High
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:N/AC:L/Au:N/C:C/I:C/A:C
0.944 High
EPSS
Percentile
99.2%