CVE-2015-2611 - OpenCVE

Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML.

No CVSS v3.1

No CVSS v3.0

Access Vector Network

Access Complexity Low

Authentication Single

Confidentiality Impact None

Integrity Impact None

Availability Impact Partial

AV:N/AC:L/Au:S/C:N/I:N/A:P

Vendors & Products
CPE Configurations

Vendors	Products
Canonical	Ubuntu Linux
Oracle	Mysql

Configuration 1 [-]

OR	cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
	cpe:2.3:o:canonical:ubuntu_linux:14.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Configuration 2 [-]

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

References

Link	Resource
http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html
http://rhn.redhat.com/errata/RHSA-2015-1630.html
http://rhn.redhat.com/errata/RHSA-2015-1646.html
http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html	Patch Vendor Advisory
http://www.securityfocus.com/bid/75762
http://www.securitytracker.com/id/1032911
http://www.ubuntu.com/usn/USN-2674-1
https://security.gentoo.org/glsa/201610-06

History

No history.

MITRE Information

Status: PUBLISHED

Assigner: oracle

Published: 2015-07-16T10:00:00

Updated: 2018-01-04T19:57:01

Reserved: 2015-03-20T00:00:00

Link: CVE-2015-2611

JSON object: View

NVD Information

Status : Modified

Published: 2015-07-16T10:59:35.883

Modified: 2018-01-05T02:30:02.103

Link: CVE-2015-2611

JSON object: View

Redhat Information

No data.

CWE

NVD-CWE-noinfo

{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-07-14T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"}, {"name": "1032911", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032911"}, {"name": "RHSA-2015:1646", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"}, {"name": "openSUSE-SU-2015:1629", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"}, {"name": "USN-2674-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2674-1"}, {"name": "GLSA-201610-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201610-06"}, {"name": "75762", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/75762"}, {"name": "RHSA-2015:1630", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2015-2611", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"}, {"name": "1032911", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1032911"}, {"name": "RHSA-2015:1646", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"}, {"name": "openSUSE-SU-2015:1629", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"}, {"name": "USN-2674-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2674-1"}, {"name": "GLSA-201610-06", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201610-06"}, {"name": "75762", "refsource": "BID", "url": "http://www.securityfocus.com/bid/75762"}, {"name": "RHSA-2015:1630", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"}]}}}}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2015-2611", "datePublished": "2015-07-16T10:00:00", "dateReserved": "2015-03-20T00:00:00", "dateUpdated": "2018-01-04T19:57:01", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.0"}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B6B7CAD7-9D4E-4FDB-88E3-1E583210A01F", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*", "matchCriteriaId": "B5A6F2F3-4894-4392-8296-3B8DD2679084", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:14.10:*:*:*:*:*:*:*", "matchCriteriaId": "49A63F39-30BE-443F-AF10-6245587D3359", "vulnerable": true}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*", "matchCriteriaId": "F38D3B7E-8429-473F-BB31-FC3583EE5A5B", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "E14741D6-F3C0-4F1E-9C4F-1F515D118D90", "versionEndIncluding": "5.5.43", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.6.24 and earlier allows remote authenticated users to affect availability via vectors related to DML."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.6.24 y anteriores, permite a usuarios remotos autenticados afectar la disponibilidad a trav\u00e9s de vectores relacionados con DML."}], "id": "CVE-2015-2611", "lastModified": "2018-01-05T02:30:02.103", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-07-16T10:59:35.883", "references": [{"source": "secalert_us@oracle.com", "url": "http://lists.opensuse.org/opensuse-updates/2015-09/msg00042.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1630.html"}, {"source": "secalert_us@oracle.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1646.html"}, {"source": "secalert_us@oracle.com", "tags": ["Patch", "Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2015-2367936.html"}, {"source": "secalert_us@oracle.com", "url": "http://www.securityfocus.com/bid/75762"}, {"source": "secalert_us@oracle.com", "url": "http://www.securitytracker.com/id/1032911"}, {"source": "secalert_us@oracle.com", "url": "http://www.ubuntu.com/usn/USN-2674-1"}, {"source": "secalert_us@oracle.com", "url": "https://security.gentoo.org/glsa/201610-06"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}