Improper Access Control

2019-05-0206:37:06

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

5.3 Medium

CVSS3

Attack Vector

LOCAL

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

LOW

Integrity Impact

LOW

Availability Impact

LOW

CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L

4.6 Medium

CVSS2

Access Vector

LOCAL

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:L/AC:L/Au:N/C:P/I:P/A:P

JSON

Oracle MySQL is vulnerable to denial of service(DoS) attacks. A local user could exploit a flaw in the Client programs component which allows unauthorized attackers to partially access data, partially modify data, and partially cause a denial of service.

CPENameOperatorVersion
rh-mysql56-mysqleq5.6.24__3.el6
rh-mysql56-mysqleq5.6.30__1.el6
rh-mysql56-mysqleq5.6.32__1.el6
rh-mysql56-mysqleq5.6.34__2.el6
rh-mysql56-mysqleq5.6.34__2.el7
rh-mysql56-mysqleq5.6.26__1.el6
rh-mariadb100-mariadbeq10.0.17__9.el6
rh-mariadb100-mariadbeq10.0.25__4.el6
rh-mariadb100-mariadbeq10.0.28__5.el6
rh-mariadb100-mariadbeq10.0.28__5.el7

Name	Operator	Version
rh-mysql56-mysql	eq	5.6.24__3.el6
rh-mysql56-mysql	eq	5.6.30__1.el6
rh-mysql56-mysql	eq	5.6.32__1.el6
rh-mysql56-mysql	eq	5.6.34__2.el6
rh-mysql56-mysql	eq	5.6.34__2.el7
rh-mysql56-mysql	eq	5.6.26__1.el6
rh-mariadb100-mariadb	eq	10.0.17__9.el6
rh-mariadb100-mariadb	eq	10.0.25__4.el6
rh-mariadb100-mariadb	eq	10.0.28__5.el6
rh-mariadb100-mariadb	eq	10.0.28__5.el7