CVE-2014-2484 (GCVE-0-2014-2484)
Vulnerability from cvelistv5
Published
2014-07-17 02:36
Modified
2024-08-06 10:14
Severity ?
CWE
  • n/a
Summary
Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.
Impacted products
Vendor Product Version
n/a n/a Version: n/a
Show details on NVD website


{
  "containers": {
    "adp": [
      {
        "providerMetadata": {
          "dateUpdated": "2024-08-06T10:14:26.614Z",
          "orgId": "af854a3a-2127-422b-91ae-364da2661108",
          "shortName": "CVE"
        },
        "references": [
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_BUGTRAQ",
              "x_transferred"
            ],
            "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
          },
          {
            "name": "1030578",
            "tags": [
              "vdb-entry",
              "x_refsource_SECTRACK",
              "x_transferred"
            ],
            "url": "http://www.securitytracker.com/id/1030578"
          },
          {
            "name": "SUSE-SU-2014:1072",
            "tags": [
              "vendor-advisory",
              "x_refsource_SUSE",
              "x_transferred"
            ],
            "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"
          },
          {
            "tags": [
              "x_refsource_CONFIRM",
              "x_transferred"
            ],
            "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
          },
          {
            "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
            "tags": [
              "mailing-list",
              "x_refsource_FULLDISC",
              "x_transferred"
            ],
            "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
          },
          {
            "name": "60425",
            "tags": [
              "third-party-advisory",
              "x_refsource_SECUNIA",
              "x_transferred"
            ],
            "url": "http://secunia.com/advisories/60425"
          }
        ],
        "title": "CVE Program Container"
      }
    ],
    "cna": {
      "affected": [
        {
          "product": "n/a",
          "vendor": "n/a",
          "versions": [
            {
              "status": "affected",
              "version": "n/a"
            }
          ]
        }
      ],
      "datePublic": "2014-07-15T00:00:00",
      "descriptions": [
        {
          "lang": "en",
          "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS."
        }
      ],
      "problemTypes": [
        {
          "descriptions": [
            {
              "description": "n/a",
              "lang": "en",
              "type": "text"
            }
          ]
        }
      ],
      "providerMetadata": {
        "dateUpdated": "2018-10-09T18:57:01",
        "orgId": "43595867-4340-4103-b7a2-9a5208d29a85",
        "shortName": "oracle"
      },
      "references": [
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_BUGTRAQ"
          ],
          "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
        },
        {
          "name": "1030578",
          "tags": [
            "vdb-entry",
            "x_refsource_SECTRACK"
          ],
          "url": "http://www.securitytracker.com/id/1030578"
        },
        {
          "name": "SUSE-SU-2014:1072",
          "tags": [
            "vendor-advisory",
            "x_refsource_SUSE"
          ],
          "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"
        },
        {
          "tags": [
            "x_refsource_CONFIRM"
          ],
          "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
        },
        {
          "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
          "tags": [
            "mailing-list",
            "x_refsource_FULLDISC"
          ],
          "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
        },
        {
          "name": "60425",
          "tags": [
            "third-party-advisory",
            "x_refsource_SECUNIA"
          ],
          "url": "http://secunia.com/advisories/60425"
        }
      ],
      "x_legacyV4Record": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2014-2484",
          "STATE": "PUBLIC"
        },
        "affects": {
          "vendor": {
            "vendor_data": [
              {
                "product": {
                  "product_data": [
                    {
                      "product_name": "n/a",
                      "version": {
                        "version_data": [
                          {
                            "version_value": "n/a"
                          }
                        ]
                      }
                    }
                  ]
                },
                "vendor_name": "n/a"
              }
            ]
          }
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "eng",
              "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "eng",
                  "value": "n/a"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html",
              "refsource": "CONFIRM",
              "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "BUGTRAQ",
              "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"
            },
            {
              "name": "1030578",
              "refsource": "SECTRACK",
              "url": "http://www.securitytracker.com/id/1030578"
            },
            {
              "name": "SUSE-SU-2014:1072",
              "refsource": "SUSE",
              "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"
            },
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html",
              "refsource": "CONFIRM",
              "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"
            },
            {
              "name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities",
              "refsource": "FULLDISC",
              "url": "http://seclists.org/fulldisclosure/2014/Dec/23"
            },
            {
              "name": "60425",
              "refsource": "SECUNIA",
              "url": "http://secunia.com/advisories/60425"
            }
          ]
        }
      }
    }
  },
  "cveMetadata": {
    "assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85",
    "assignerShortName": "oracle",
    "cveId": "CVE-2014-2484",
    "datePublished": "2014-07-17T02:36:00",
    "dateReserved": "2014-03-13T00:00:00",
    "dateUpdated": "2024-08-06T10:14:26.614Z",
    "state": "PUBLISHED"
  },
  "dataType": "CVE_RECORD",
  "dataVersion": "5.1",
  "vulnerability-lookup:meta": {
    "nvd": "{\"cve\":{\"id\":\"CVE-2014-2484\",\"sourceIdentifier\":\"secalert_us@oracle.com\",\"published\":\"2014-07-17T05:10:14.687\",\"lastModified\":\"2025-04-12T10:46:40.837\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRFTS.\"},{\"lang\":\"es\",\"value\":\"Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.6.17 y anteriores permite a usuarios remoto autenticados afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores desconocidos relacionados con SRFTS.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:S/C:P/I:P/A:P\",\"baseScore\":6.5,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"SINGLE\",\"confidentialityImpact\":\"PARTIAL\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":8.0,\"impactScore\":6.4,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"5.6.17\",\"matchCriteriaId\":\"D91CF491-A8C9-4C3C-A0CC-33980DF395F0\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E0089EDF-4806-417D-A4F1-63FF03C5AEF3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"898A5CD5-83A5-4335-835F-759F82862753\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C851FA0E-357E-4B9E-A441-9C74B3526B37\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B12FA18C-AB93-4522-AA2C-303342452E59\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.4:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"6FD31981-E3ED-41D0-92EB-ABA7490D60E5\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2E918FF1-8B40-4DC3-9269-1D3BFD18C58D\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.6:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4BCD7C2D-49E9-4D78-90CF-F747A1584269\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.7:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7956E471-E98A-4527-A5F4-863210E09D5A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.8:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"615F499A-5C33-4E79-80FA-9A1453D8A3D4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.9:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"4AD40EA2-F432-4F89-9E59-0DB4D415CA85\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"41494A2D-4BBC-4C3B-841F-878C2430A444\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.11:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"A62DA4D8-27B4-4026-9035-75AC35F58439\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.12:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D6DF5346-DC9A-4615-BEAC-2F5FD57C3B6B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.13:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E948C884-E747-4E7C-B111-4A8DA22E421C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.14:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0F933CF3-A850-4D3F-A16D-8129E246BF55\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.15:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"038D17E1-2932-4D47-A748-F8A1D46B6721\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:oracle:mysql:5.6.16:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E9028492-4114-4C9A-9E88-4B6C4FA6CC2C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"1F33821F-22ED-4B6A-B70B-D38EDA658EE7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:*:*:*:*\",\"matchCriteriaId\":\"01E21741-9D7D-42DD-B70D-5FD3053DE780\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:suse:linux_enterprise_server:11.0:sp3:*:*:vmware:*:*:*\",\"matchCriteriaId\":\"46F48448-E2DE-419B-A05E-BEE60B07E12C\"}]}]}],\"references\":[{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Dec/23\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://secunia.com/advisories/60425\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\",\"source\":\"secalert_us@oracle.com\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/534161/100/0/threaded\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.securitytracker.com/id/1030578\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\",\"source\":\"secalert_us@oracle.com\"},{\"url\":\"http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://seclists.org/fulldisclosure/2014/Dec/23\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/60425\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Vendor Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/534161/100/0/threaded\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securitytracker.com/id/1030578\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vmware.com/security/advisories/VMSA-2014-0012.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
  }
}