8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
71.8%
Issue Overview:
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote administrators to affect availability via vectors related to Server: RBR. (CVE-2016-5440)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote administrators to affect availability via vectors related to Server: InnoDB. (CVE-2016-3459)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote administrators to affect availability via vectors related to Server: Privileges. (CVE-2016-5439)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows local users to affect confidentiality, integrity, and availability via vectors related to Server: Parser. (CVE-2016-3477)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote authenticated users to affect availability via vectors related to Server: Security: Encryption. (CVE-2016-3614)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote authenticated users to affect availability via vectors related to Server: DML. (CVE-2016-3615)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote authenticated users to affect availability via vectors related to Server: Types. (CVE-2016-3521)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote authenticated users to affect availability via vectors related to Server: FTS. (CVE-2016-3486)
Unspecified vulnerability in Oracle MySQL 5.6.30 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer. (CVE-2016-3501)
Affected Packages:
mysql56
Issue Correction:
Run yum update mysql56 to update your system.
New Packages:
i686:
mysql56-common-5.6.32-1.16.amzn1.i686
mysql56-test-5.6.32-1.16.amzn1.i686
mysql56-devel-5.6.32-1.16.amzn1.i686
mysql56-libs-5.6.32-1.16.amzn1.i686
mysql56-server-5.6.32-1.16.amzn1.i686
mysql56-5.6.32-1.16.amzn1.i686
mysql56-embedded-devel-5.6.32-1.16.amzn1.i686
mysql56-errmsg-5.6.32-1.16.amzn1.i686
mysql56-debuginfo-5.6.32-1.16.amzn1.i686
mysql56-embedded-5.6.32-1.16.amzn1.i686
mysql56-bench-5.6.32-1.16.amzn1.i686
src:
mysql56-5.6.32-1.16.amzn1.src
x86_64:
mysql56-test-5.6.32-1.16.amzn1.x86_64
mysql56-libs-5.6.32-1.16.amzn1.x86_64
mysql56-5.6.32-1.16.amzn1.x86_64
mysql56-devel-5.6.32-1.16.amzn1.x86_64
mysql56-embedded-5.6.32-1.16.amzn1.x86_64
mysql56-errmsg-5.6.32-1.16.amzn1.x86_64
mysql56-server-5.6.32-1.16.amzn1.x86_64
mysql56-embedded-devel-5.6.32-1.16.amzn1.x86_64
mysql56-bench-5.6.32-1.16.amzn1.x86_64
mysql56-common-5.6.32-1.16.amzn1.x86_64
mysql56-debuginfo-5.6.32-1.16.amzn1.x86_64
Red Hat: CVE-2016-3459, CVE-2016-3477, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3614, CVE-2016-3615, CVE-2016-5439, CVE-2016-5440
Mitre: CVE-2016-3459, CVE-2016-3477, CVE-2016-3486, CVE-2016-3501, CVE-2016-3521, CVE-2016-3614, CVE-2016-3615, CVE-2016-5439, CVE-2016-5440
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Amazon Linux | 1 | i686 | mysql56-common | < 5.6.32-1.16.amzn1 | mysql56-common-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-test | < 5.6.32-1.16.amzn1 | mysql56-test-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-devel | < 5.6.32-1.16.amzn1 | mysql56-devel-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-libs | < 5.6.32-1.16.amzn1 | mysql56-libs-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-server | < 5.6.32-1.16.amzn1 | mysql56-server-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56 | < 5.6.32-1.16.amzn1 | mysql56-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-embedded-devel | < 5.6.32-1.16.amzn1 | mysql56-embedded-devel-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-errmsg | < 5.6.32-1.16.amzn1 | mysql56-errmsg-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-debuginfo | < 5.6.32-1.16.amzn1 | mysql56-debuginfo-5.6.32-1.16.amzn1.i686.rpm |
Amazon Linux | 1 | i686 | mysql56-embedded | < 5.6.32-1.16.amzn1 | mysql56-embedded-5.6.32-1.16.amzn1.i686.rpm |
8.1 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
HIGH
Privileges Required
NONE
User Interaction
NONE
Scope
CHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:C/C:H/I:H/A:H
6.8 Medium
CVSS2
Access Vector
Access Complexity
Authentication
SINGLE
Confidentiality Impact
NONE
Integrity Impact
NONE
Availability Impact
COMPLETE
AV:N/AC:L/Au:S/C:N/I:N/A:C
0.003 Low
EPSS
Percentile
71.8%