CVE-2015-2566 - OpenCVE

Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Medium

Authentication Multiple

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:M/Au:M/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Novell	Suse Linux Suse Linux For Vmware Suse Linux Sdk
Oracle	Mysql

Configuration 1 [-]

OR	cpe:2.3:o:novell:suse_linux:11.0:sp3:::desktop:::*
	cpe:2.3:o:novell:suse_linux:11.0:sp3:::server:::*
	cpe:2.3:o:novell:suse_linux_for_vmware:11.0:sp3:::server:::*
	cpe:2.3:o:novell:suse_linux_sdk:11.0:sp3::::::

Configuration 2 [-]

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html	Vendor Advisory
http://www.securitytracker.com/id/1032121	Third Party Advisory VDB Entry
https://security.gentoo.org/glsa/201507-19	Third Party Advisory

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2015-04-16T16:00:00

Updated: 2016-12-30T16:57:01

Reserved: 2015-03-20T00:00:00

Link: CVE-2015-2566

JSON object: View

NVD Information

Status : Analyzed

Published: 2015-04-16T17:00:00.610

Modified: 2017-01-03T18:11:36.520

Link: CVE-2015-2566

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2016-12-30T16:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "GLSA-201507-19", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201507-19"}, {"name": "1032121", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032121"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "SUSE-SU-2015:0946", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2015-2566", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "GLSA-201507-19", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201507-19"}, {"name": "1032121", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032121"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"name": "SUSE-SU-2015:0946", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2015-2566", "datePublished": "2015-04-16T16:00:00", "dateReserved": "2015-03-20T00:00:00", "dateUpdated": "2016-12-30T16:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:novell:suse_linux:11.0:sp3:*:*:desktop:*:*:*", "matchCriteriaId": "BA3A8A02-9CA2-44A3-AA2E-D802043EBFBA", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux:11.0:sp3:*:*:server:*:*:*", "matchCriteriaId": "959EBEA2-52D2-4509-A32A-00E1FD9B4F52", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_for_vmware:11.0:sp3:*:*:server:*:*:*", "matchCriteriaId": "790CE51A-92B7-4F1F-9E59-3630D4E9DAB7", "vulnerable": true}, {"criteria": "cpe:2.3:o:novell:suse_linux_sdk:11.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "4AC9F045-61AE-45BB-8B86-FD7B0B7AC34A", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "88026F8E-06D9-4B34-89CF-C01E2486961D", "versionEndIncluding": "5.6.22", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.22 and earlier allows remote authenticated users to affect availability via vectors related to DML."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.22 y anteriores permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores relacionados con DML."}], "id": "CVE-2015-2566", "lastModified": "2017-01-03T18:11:36.520", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "LOW", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "NETWORK", "authentication": "MULTIPLE", "availabilityImpact": "PARTIAL", "baseScore": 2.8, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:M/Au:M/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-16T17:00:00.610", "references": [{"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-05/msg00026.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1032121"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "https://security.gentoo.org/glsa/201507-19"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}