Vulnerability Description
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6500.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Mysql | >= 5.5.0, <= 5.5.39 |
| Juniper | Junos Space | <= 15.1 |
| Mariadb | Mariadb | >= 5.5.0, < 5.5.40 |
| Oracle | Solaris | 11.3 |
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://secunia.com/advisories/61579Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62073Permissions RequiredThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201411-02.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/70444Third Party AdvisoryVDB Entry
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://secunia.com/advisories/61579Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62073Permissions RequiredThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201411-02.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
FAQ
What is CVE-2014-6491?
CVE-2014-6491 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier and 5.6.20 and earlier allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:...
How severe is CVE-2014-6491?
CVE-2014-6491 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6491?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Juniper Junos Space, Mariadb Mariadb, Oracle Solaris.