Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact Partial

Integrity Impact Partial

Availability Impact Partial

AV:N/AC:L/Au:S/C:P/I:P/A:P
Vendors Products
Oracle
  • Solaris
  • Mysql
Suse
  • Linux Enterprise Software Development Kit
  • Linux Enterprise Desktop
  • Linux Enterprise Server
  • Linux Enterprise Workstation Extension
Opensuse Project
  • Suse Linux Enterprise Desktop
  • Suse Linux Enterprise Software Development Kit
  • Suse Linux Enterprise Server
Vmware
  • Vcenter Server Appliance
Debian
  • Debian Linux
Mariadb
  • Mariadb

Configuration 1 [-]

OR cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 2 [-]

OR cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.5:*:*:*:*:*:*:*
cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*

Configuration 3 [-]

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 4 [-]

OR cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*
cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*
cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*

Configuration 5 [-]

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 6 [-]

OR cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*

Configuration 7 [-]

OR cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*
cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*
References
Link Resource
http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23 Mailing List Third Party Advisory
http://secunia.com/advisories/60425 Not Applicable
http://www.debian.org/security/2014/dsa-2985 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded Third Party Advisory VDB Entry
http://www.securityfocus.com/bid/68564 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030578 Broken Link Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2014-0012.html Third Party Advisory
https://exchange.xforce.ibmcloud.com/vulnerabilities/94620 Third Party Advisory VDB Entry
History

No history.

cve-icon MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2014-07-17T10:00:00

Updated: 2018-10-09T18:57:01

Reserved: 2014-06-17T00:00:00

Link: CVE-2014-4258

JSON object: View

cve-icon NVD Information

Status : Analyzed

Published: 2014-07-17T11:17:10.747

Modified: 2022-07-18T18:43:03.427

Link: CVE-2014-4258

JSON object: View

cve-icon Redhat Information

No data.

CWE