CVE-2016-3492

Published on: 10/25/2016 12:00:00 AM UTC

Last Modified on: 03/23/2021 11:27:02 PM UTC

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Certain versions of Mariadb from Mariadb contain the following vulnerability:

Unspecified vulnerability in Oracle MySQL 5.5.51 and earlier, 5.6.32 and earlier, and 5.7.14 and earlier allows remote authenticated users to affect availability via vectors related to Server: Optimizer.

  • CVE-2016-3492 has been assigned by [email protected] to track the vulnerability - currently rated as MEDIUM severity.

CVSS3 Score: 6.5 - MEDIUM

Attack
Vector
Attack
Complexity
Privileges
Required
User
Interaction
NETWORK LOW LOW NONE
Scope Confidentiality
Impact
Integrity
Impact
Availability
Impact
UNCHANGED NONE NONE HIGH

CVSS2 Score: 6.8 - MEDIUM

Access
Vector
Access
Complexity
Authentication
NETWORK LOW SINGLE
Confidentiality
Impact
Integrity
Impact
Availability
Impact
NONE NONE COMPLETE

CVE References

Description Tags Link
MariaDB 10.1.18 Release Notes - MariaDB Knowledge Base Release Notes
Third Party Advisory
mariadb.com
text/html
URL Logo CONFIRM mariadb.com/kb/en/mariadb/mariadb-10118-release-notes/
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2927
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2131
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2749
Oracle Critical Patch Update - October 2016 Patch
Vendor Advisory
www.oracle.com
text/html
URL Logo CONFIRM www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
MariaDB 5.5.52 Release Notes - MariaDB Knowledge Base Release Notes
Third Party Advisory
mariadb.com
text/html
URL Logo CONFIRM mariadb.com/kb/en/mariadb/mariadb-5552-release-notes/
MariaDB 10.0.28 Release Notes - MariaDB Knowledge Base Release Notes
Third Party Advisory
mariadb.com
text/html
URL Logo CONFIRM mariadb.com/kb/en/mariadb/mariadb-10028-release-notes/
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2595
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2928
Red Hat Customer Portal Third Party Advisory
web.archive.org
text/html
Inactive LinkNot Archived
URL Logo REDHAT RHSA-2016:2130
MySQL Multiple Bugs Let Remote Users Access and Modify Data, Remote and Local Users Deny Service, and Local Users Modify Data and Gain Elevated Privileges - SecurityTracker Third Party Advisory
VDB Entry
www.securitytracker.com
text/html
URL Logo SECTRACK 1037050
Oracle MySQL CVE-2016-3492 Remote Security Vulnerability Third Party Advisory
VDB Entry
cve.report (archive)
text/html
URL Logo BID 93650
MariaDB and MySQL: Multiple vulnerabilities (GLSA 201701-01) — Gentoo security Third Party Advisory
VDB Entry
security.gentoo.org
text/html
URL Logo GENTOO GLSA-201701-01

Known Affected Configurations (CPE V2.3)

Type Vendor Product Version Update Edition Language
ApplicationMariadbMariadbAllAllAllAll
ApplicationOracleMysqlAllAllAllAll
ApplicationOracleMysqlAllAllAllAll
ApplicationOracleMysqlAllAllAllAll
  • cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*:
  • cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*: