gsd - gsd-2015-0391

gsd-2015-0391

Vulnerability from gsd

Modified

2023-12-13 01:19

Details

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

Aliases

CVE-2015-0391

Aliases

CVE-2015-0391

JSON

To clipboard

{
  "GSD": {
    "alias": "CVE-2015-0391",
    "description": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",
    "id": "GSD-2015-0391",
    "references": [
      "https://www.suse.com/security/cve/CVE-2015-0391.html",
      "https://access.redhat.com/errata/RHSA-2015:1628",
      "https://access.redhat.com/errata/RHSA-2015:0118",
      "https://access.redhat.com/errata/RHSA-2015:0117",
      "https://access.redhat.com/errata/RHSA-2015:0116",
      "https://linux.oracle.com/cve/CVE-2015-0391.html"
    ]
  },
  "gsd": {
    "metadata": {
      "exploitCode": "unknown",
      "remediation": "unknown",
      "reportConfidence": "confirmed",
      "type": "vulnerability"
    },
    "osvSchema": {
      "aliases": [
        "CVE-2015-0391"
      ],
      "details": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.",
      "id": "GSD-2015-0391",
      "modified": "2023-12-13T01:19:58.964047Z",
      "schema_version": "1.4.0"
    }
  },
  "namespaces": {
    "cve.org": {
      "CVE_data_meta": {
        "ASSIGNER": "secalert_us@oracle.com",
        "ID": "CVE-2015-0391",
        "STATE": "PUBLIC"
      },
      "affects": {
        "vendor": {
          "vendor_data": [
            {
              "product": {
                "product_data": [
                  {
                    "product_name": "n/a",
                    "version": {
                      "version_data": [
                        {
                          "version_value": "n/a"
                        }
                      ]
                    }
                  }
                ]
              },
              "vendor_name": "n/a"
            }
          ]
        }
      },
      "data_format": "MITRE",
      "data_type": "CVE",
      "data_version": "4.0",
      "description": {
        "description_data": [
          {
            "lang": "eng",
            "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL."
          }
        ]
      },
      "problemtype": {
        "problemtype_data": [
          {
            "description": [
              {
                "lang": "eng",
                "value": "n/a"
              }
            ]
          }
        ]
      },
      "references": {
        "reference_data": [
          {
            "name": "RHSA-2015:0118",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0118.html"
          },
          {
            "name": "RHSA-2015:0116",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0116.html"
          },
          {
            "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
            "refsource": "CONFIRM",
            "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
          },
          {
            "name": "SUSE-SU-2015:0743",
            "refsource": "SUSE",
            "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
          },
          {
            "name": "RHSA-2015:1628",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
          },
          {
            "name": "62732",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62732"
          },
          {
            "name": "RHSA-2015:0117",
            "refsource": "REDHAT",
            "url": "http://rhn.redhat.com/errata/RHSA-2015-0117.html"
          },
          {
            "name": "1031581",
            "refsource": "SECTRACK",
            "url": "http://www.securitytracker.com/id/1031581"
          },
          {
            "name": "GLSA-201504-05",
            "refsource": "GENTOO",
            "url": "https://security.gentoo.org/glsa/201504-05"
          },
          {
            "name": "62728",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62728"
          },
          {
            "name": "72205",
            "refsource": "BID",
            "url": "http://www.securityfocus.com/bid/72205"
          },
          {
            "name": "62730",
            "refsource": "SECUNIA",
            "url": "http://secunia.com/advisories/62730"
          },
          {
            "name": "oracle-cpujan2015-cve20150391(100186)",
            "refsource": "XF",
            "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100186"
          }
        ]
      }
    },
    "nvd.nist.gov": {
      "configurations": {
        "CVE_data_version": "4.0",
        "nodes": [
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.5.38",
                "versionStartIncluding": "5.5.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndIncluding": "5.6.19",
                "versionStartIncluding": "5.6.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:*:*:*:*:*:*",
                "cpe_name": [],
                "vulnerable": true
              }
            ],
            "operator": "OR"
          },
          {
            "children": [],
            "cpe_match": [
              {
                "cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "10.0.13",
                "versionStartIncluding": "10.0.0",
                "vulnerable": true
              },
              {
                "cpe23Uri": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
                "cpe_name": [],
                "versionEndExcluding": "5.5.39",
                "versionStartIncluding": "5.5.0",
                "vulnerable": true
              }
            ],
            "operator": "OR"
          }
        ]
      },
      "cve": {
        "CVE_data_meta": {
          "ASSIGNER": "secalert_us@oracle.com",
          "ID": "CVE-2015-0391"
        },
        "data_format": "MITRE",
        "data_type": "CVE",
        "data_version": "4.0",
        "description": {
          "description_data": [
            {
              "lang": "en",
              "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL."
            }
          ]
        },
        "problemtype": {
          "problemtype_data": [
            {
              "description": [
                {
                  "lang": "en",
                  "value": "NVD-CWE-noinfo"
                }
              ]
            }
          ]
        },
        "references": {
          "reference_data": [
            {
              "name": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html",
              "refsource": "CONFIRM",
              "tags": [
                "Patch",
                "Vendor Advisory"
              ],
              "url": "http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html"
            },
            {
              "name": "72205",
              "refsource": "BID",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securityfocus.com/bid/72205"
            },
            {
              "name": "62732",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/62732"
            },
            {
              "name": "62730",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/62730"
            },
            {
              "name": "62728",
              "refsource": "SECUNIA",
              "tags": [
                "Not Applicable",
                "Third Party Advisory"
              ],
              "url": "http://secunia.com/advisories/62728"
            },
            {
              "name": "1031581",
              "refsource": "SECTRACK",
              "tags": [
                "Broken Link",
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "http://www.securitytracker.com/id/1031581"
            },
            {
              "name": "RHSA-2015:0116",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0116.html"
            },
            {
              "name": "RHSA-2015:0117",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0117.html"
            },
            {
              "name": "RHSA-2015:0118",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-0118.html"
            },
            {
              "name": "GLSA-201504-05",
              "refsource": "GENTOO",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "https://security.gentoo.org/glsa/201504-05"
            },
            {
              "name": "RHSA-2015:1628",
              "refsource": "REDHAT",
              "tags": [
                "Third Party Advisory"
              ],
              "url": "http://rhn.redhat.com/errata/RHSA-2015-1628.html"
            },
            {
              "name": "SUSE-SU-2015:0743",
              "refsource": "SUSE",
              "tags": [
                "Mailing List",
                "Third Party Advisory"
              ],
              "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"
            },
            {
              "name": "oracle-cpujan2015-cve20150391(100186)",
              "refsource": "XF",
              "tags": [
                "Third Party Advisory",
                "VDB Entry"
              ],
              "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/100186"
            }
          ]
        }
      },
      "impact": {
        "baseMetricV2": {
          "acInsufInfo": false,
          "cvssV2": {
            "accessComplexity": "LOW",
            "accessVector": "NETWORK",
            "authentication": "SINGLE",
            "availabilityImpact": "PARTIAL",
            "baseScore": 4.0,
            "confidentialityImpact": "NONE",
            "integrityImpact": "NONE",
            "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P",
            "version": "2.0"
          },
          "exploitabilityScore": 8.0,
          "impactScore": 2.9,
          "obtainAllPrivilege": false,
          "obtainOtherPrivilege": false,
          "obtainUserPrivilege": false,
          "severity": "MEDIUM",
          "userInteractionRequired": false
        }
      },
      "lastModifiedDate": "2022-08-26T16:03Z",
      "publishedDate": "2015-01-21T18:59Z"
    }
  }
}

CVE-2015-0391 (GCVE-0-2015-0391)

Vulnerability from cvelistv5

Published

2015-01-21 18:00

Modified

2024-08-06 04:10

Severity ?

CWE

Summary

Unspecified vulnerability in Oracle MySQL Server 5.5.38 and earlier, and 5.6.19 and earlier, allows remote authenticated users to affect availability via vectors related to DDL.

References

URL

Tags

	http://rhn.redhat.com/errata/RHSA-2015-0118.html	vendor-advisory, x_refsource_REDHAT
	http://rhn.redhat.com/errata/RHSA-2015-0116.html	vendor-advisory, x_refsource_REDHAT
	http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.html	x_refsource_CONFIRM
	http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html	vendor-advisory, x_refsource_SUSE
	http://rhn.redhat.com/errata/RHSA-2015-1628.html	vendor-advisory, x_refsource_REDHAT
	http://secunia.com/advisories/62732	third-party-advisory, x_refsource_SECUNIA
	http://rhn.redhat.com/errata/RHSA-2015-0117.html	vendor-advisory, x_refsource_REDHAT
	http://www.securitytracker.com/id/1031581	vdb-entry, x_refsource_SECTRACK
	https://security.gentoo.org/glsa/201504-05	vendor-advisory, x_refsource_GENTOO
	http://secunia.com/advisories/62728	third-party-advisory, x_refsource_SECUNIA
	http://www.securityfocus.com/bid/72205	vdb-entry, x_refsource_BID
	http://secunia.com/advisories/62730	third-party-advisory, x_refsource_SECUNIA
	https://exchange.xforce.ibmcloud.com/vulnerabilities/100186	vdb-entry, x_refsource_XF

Impacted products

	Vendor	Product	Version
	n/a	n/a	Version: n/a

Show details on NVD website