Vulnerability Description
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVER:SSL:yaSSL, a different vulnerability than CVE-2014-6491.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Oracle | Solaris | 11.3 |
| Juniper | Junos Space | <= 15.1 |
| Mariadb | Mariadb | >= 5.5.0, < 5.5.40 |
| Oracle | Mysql | >= 5.5.0, <= 5.5.39 |
References
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://secunia.com/advisories/61579Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62073Permissions RequiredThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201411-02.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/70478Third Party AdvisoryVDB Entry
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698Third Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://secunia.com/advisories/61579Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62073Permissions RequiredThird Party Advisory
- http://security.gentoo.org/glsa/glsa-201411-02.xmlThird Party Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
FAQ
What is CVE-2014-6500?
CVE-2014-6500 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via vectors related to SERVE...
How severe is CVE-2014-6500?
CVE-2014-6500 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2014-6500?
Check the references section above for vendor advisories and patch information. Affected products include: Oracle Solaris, Juniper Junos Space, Mariadb Mariadb, Oracle Mysql.