CVE-2013-3801 - OpenCVE

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication None

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:N/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Suse	Linux Enterprise Software Development Kit Linux Enterprise Desktop Linux Enterprise Server
Oracle	Mysql
Mariadb	Mariadb
Opensuse	Opensuse

Configuration 1 [-]

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 [-]

OR	cpe:2.3:o:opensuse:opensuse:11.4:::::::*
	cpe:2.3:o:opensuse:opensuse:12.2:::::::*
	cpe:2.3:o:opensuse:opensuse:12.3:::::::*
	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::

Configuration 3 [-]

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html	Mailing List Third Party Advisory
http://osvdb.org/95331	Broken Link
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html	Vendor Advisory
http://www.securityfocus.com/bid/61269	Third Party Advisory VDB Entry

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2013-07-17T10:00:00

Updated: 2016-10-14T14:57:01

Reserved: 2013-06-03T00:00:00

Link: CVE-2013-3801

JSON object: View

NVD Information

Status : Analyzed

Published: 2013-07-17T13:41:16.870

Modified: 2022-08-04T19:58:33.833

Link: CVE-2013-3801

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-10-14T14:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"name": "openSUSE-SU-2013:1335", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"name": "61269", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/61269"}, {"name": "SUSE-SU-2013:1390", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"name": "95331", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/95331"}, {"name": "openSUSE-SU-2013:1410", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"name": "SUSE-SU-2013:1529", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-3801", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"name": "openSUSE-SU-2013:1335", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"name": "61269", "refsource": "BID", "url": "http://www.securityfocus.com/bid/61269"}, {"name": "SUSE-SU-2013:1390", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"name": "95331", "refsource": "OSVDB", "url": "http://osvdb.org/95331"}, {"name": "openSUSE-SU-2013:1410", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"name": "SUSE-SU-2013:1529", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2013-3801", "datePublished": "2013-07-17T10:00:00", "dateReserved": "2013-06-03T00:00:00", "dateUpdated": "2016-10-14T14:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F211A4F-DE9A-4C0E-8DF9-905A6BB3045A", "versionEndIncluding": "5.5.30", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BF9E1EE-E431-43B6-8A8F-D6735D1B1662", "versionEndIncluding": "5.6.10", "versionStartIncluding": "5.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0C34802-52CC-4BFF-9ACD-043469E340C1", "versionEndExcluding": "5.5.31", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AEC5D32-B35E-4013-A2E5-129FDA9D5EBB", "versionEndExcluding": "10.0.3", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.30 and earlier and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.30 y anteriores y 5.6.10 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a trav\u00e9s de vectores relacionados con Server Options."}], "id": "CVE-2013-3801", "lastModified": "2022-08-04T19:58:33.833", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 5.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 10.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-07-17T13:41:16.870", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "http://osvdb.org/95331"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/61269"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}