CVE-2014-6568

Current Description

Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote authenticated users to affect availability via vectors related to Server : InnoDB : DML.

Basic Data

PublishedJanuary 21, 2015
Last ModifiedDecember 18, 2018
Assignercve@mitre.org
Data TypeCVE
Data FormatMITRE
Data Version4.0
Problem TypeNVD-CWE-noinfo
CVE Data Version4.0

Base Metric V2

CVSS 2 - Version2.0
CVSS 2 - Vector StringAV:N/AC:M/Au:S/C:N/I:N/A:P
CVSS 2 - Access VectorNETWORK
CVSS 2 - Access ComplexityMEDIUM
CVSS 2 - AuthenticationSINGLE
CVSS 2 - Confidentiality ImpactNONE
CVSS 2 - Availability ImpactPARTIAL
CVSS 2 - Base Score3.5
SeverityLOW
Exploitability Score6.8
Impact Score2.9
Obtain All Privilegefalse
Obtain User Privilegefalse
Obtain Other Privilegefalse

Base Metric V3

No data provided.

Configurations

  • OR - Configuration 1
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSCanonicalUbuntu Linux12.04***lts***
    2.3OSCanonicalUbuntu Linux14.04***lts***
    2.3OSCanonicalUbuntu Linux14.10*******
  • OR - Configuration 2
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSRedhatEnterprise Linux Desktop7.0*******
    2.3OSRedhatEnterprise Linux Hpc Node7.0*******
    2.3OSRedhatEnterprise Linux Server7.0*******
    2.3OSRedhatEnterprise Linux Workstation7.0*******
  • OR - Configuration 3
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSDebianDebian Linux7.0*******
  • OR - Configuration 4
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSFedoraprojectFedora20*******
  • OR - Configuration 5
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3OSOracleSolaris11.3*******
  • OR - Configuration 6
    Cpe VersionPartVendorProductVersionUpdateEditionLanguageSW EditionTarget SWTarget HWOtherVersion Start IncludingVersion End IncludingVersion Start ExcludingVersion End Excluding
    2.3ApplicationOracleMysql********5.5.05.5.40
    2.3ApplicationOracleMysql********5.6.05.6.21

Vulnerable Software List

VendorProductVersions
Debian Debian Linux 7.0
Canonical Ubuntu Linux 12.04, 14.04, 14.10
Redhat Enterprise Linux Workstation 7.0
Redhat Enterprise Linux Desktop 7.0
Redhat Enterprise Linux Hpc Node 7.0
Redhat Enterprise Linux Server 7.0
Oracle Mysql *
Oracle Solaris 11.3
Fedoraproject Fedora 20

References

NameSourceURLTags
FEDORA-2015-1162http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.htmlFEDORAThird Party Advisory
SUSE-SU-2015:0743http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlSUSEMailing List Third Party Advisory
RHSA-2015:0116http://rhn.redhat.com/errata/RHSA-2015-0116.htmlREDHATThird Party Advisory
RHSA-2015:0117http://rhn.redhat.com/errata/RHSA-2015-0117.htmlREDHATThird Party Advisory
RHSA-2015:0118http://rhn.redhat.com/errata/RHSA-2015-0118.htmlREDHATThird Party Advisory
RHSA-2015:1628http://rhn.redhat.com/errata/RHSA-2015-1628.htmlREDHATThird Party Advisory
62728http://secunia.com/advisories/62728SECUNIAPermissions Required Third Party Advisory
62730http://secunia.com/advisories/62730SECUNIAPermissions Required Third Party Advisory
62732http://secunia.com/advisories/62732SECUNIAPermissions Required Third Party Advisory
DSA-3135http://www.debian.org/security/2015/dsa-3135DEBIANThird Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlCONFIRMVendor Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlCONFIRMVendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlhttp://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlCONFIRMPATCH Vendor Advisory
72210http://www.securityfocus.com/bid/72210BIDThird Party Advisory VDB Entry
1031581http://www.securitytracker.com/id/1031581SECTRACKThird Party Advisory VDB Entry
USN-2480-1http://www.ubuntu.com/usn/USN-2480-1UBUNTUThird Party Advisory
GLSA-201504-05https://security.gentoo.org/glsa/201504-05GENTOOThird Party Advisory