CVE-2015-4895 — LOW (3.5) — White Hats Nepal

Q: What is CVE-2015-4895?

CVE-2015-4895 is a vulnerability with a CVSS score of 3.5 (LOW). Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

Q: How severe is CVE-2015-4895?

CVE-2015-4895 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-4895?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Mariadb Mariadb, Fedoraproject Fedora, Debian Debian Linux, Canonical Ubuntu Linux.

Vulnerability Description

Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

CVSS Score

3.5

LOW

AV:N/AC:M/Au:S/C:N/I:N/A:P

Confidentiality

NONE

Integrity

NONE

Availability

PARTIAL

Affected Products

Vendor	Product	Versions
Oracle	Mysql	>= 5.6.0, <= 5.6.25
Mariadb	Mariadb	>= 10.0.0, < 10.0.21
Fedoraproject	Fedora	23
Debian	Debian Linux	8.0
Canonical	Ubuntu Linux	12.04

References

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.hMailing ListThird Party Advisory
http://www.debian.org/security/2015/dsa-3385Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlVendor Advisory
http://www.securityfocus.com/bid/77136Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1033894Broken LinkThird Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2781-1Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1132Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177539.hMailing ListThird Party Advisory
http://www.debian.org/security/2015/dsa-3385Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.htmlVendor Advisory
http://www.securityfocus.com/bid/77136Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1033894Broken LinkThird Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2781-1Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1132Third Party Advisory

FAQ

What is CVE-2015-4895?

CVE-2015-4895 is a vulnerability with a CVSS score of 3.5 (LOW). Unspecified vulnerability in Oracle MySQL Server 5.6.25 and earlier allows remote authenticated users to affect availability via unknown vectors related to Server : InnoDB.

How severe is CVE-2015-4895?

CVE-2015-4895 has been rated LOW with a CVSS base score of 3.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-4895?

Check the references section above for vendor advisories and patch information. Affected products include: Oracle Mysql, Mariadb Mariadb, Fedoraproject Fedora, Debian Debian Linux, Canonical Ubuntu Linux.