Vulnerability Description
Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related to Server : Security : Encryption.
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Canonical | Ubuntu Linux | 12.04 |
| Debian | Debian Linux | 7.0 |
| Fedoraproject | Fedora | 20 |
| Redhat | Enterprise Linux | 7.0 |
| Oracle | Communications Policy Management | <= 9.7.3 |
| Oracle | Mysql | >= 5.5.0, <= 5.5.40 |
| Oracle | Solaris | 11.3 |
| Mariadb | Mariadb | >= 5.5.0, < 5.5.41 |
References
- http://lists.fedoraproject.org/pipermail/package-announce/2015-February/149929.hMailing ListThird Party Advisory
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.htmlMailing ListThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0116.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0117.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-0118.htmlThird Party Advisory
- http://rhn.redhat.com/errata/RHSA-2015-1628.htmlThird Party Advisory
- http://secunia.com/advisories/62728Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62730Permissions RequiredThird Party Advisory
- http://secunia.com/advisories/62732Permissions RequiredThird Party Advisory
- http://www.debian.org/security/2015/dsa-3135Third Party Advisory
- http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.htmlPatchVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.htmlVendor Advisory
- http://www.oracle.com/technetwork/topics/security/cpujan2015-1972971.htmlPatchVendor Advisory
- http://www.securityfocus.com/bid/72191Third Party AdvisoryVDB Entry
FAQ
What is CVE-2015-0411?
CVE-2015-0411 is a vulnerability with a CVSS score of 7.5 (HIGH). Unspecified vulnerability in Oracle MySQL Server 5.5.40 and earlier, and 5.6.21 and earlier, allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors related ...
How severe is CVE-2015-0411?
CVE-2015-0411 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2015-0411?
Check the references section above for vendor advisories and patch information. Affected products include: Canonical Ubuntu Linux, Debian Debian Linux, Fedoraproject Fedora, Redhat Enterprise Linux, Oracle Communications Policy Management.