{"api_version":"1","generated_at":"2026-07-09T08:58:30+00:00","cve":"CVE-2006-1451","urls":{"html":"https://cve.report/CVE-2006-1451","api":"https://cve.report/api/cve/CVE-2006-1451.json","docs":"https://cve.report/api","cve_org":"https://www.cve.org/CVERecord?id=CVE-2006-1451","nvd":"https://nvd.nist.gov/vuln/detail/CVE-2006-1451"},"summary":{"title":"CVE-2006-1451","description":"MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the \"New MySQL root password\" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.","state":"PUBLISHED","assigner":"mitre","published_at":"2006-05-12 21:02:00","updated_at":"2025-04-03 01:03:51"},"problem_types":["NVD-CWE-Other","n/a"],"metrics":[{"version":"2.0","source":"nvd@nist.gov","type":"Primary","score":"7.2","severity":"","vector":"AV:L/AC:L/Au:N/C:C/I:C/A:C","data":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"}}],"references":[{"url":"http://www.osvdb.org/25595","name":"http://www.osvdb.org/25595","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"","mime":"","httpstatus":"-1","archivestatus":"0"},{"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html","name":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["US Government Resource"],"title":"US-CERT Technical Cyber Security Alert TA06-132A -- Apple Mac Products Affected by Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.vupen.com/english/advisories/2006/1779","name":"http://www.vupen.com/english/advisories/2006/1779","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Webmail : Solution de messagerie professionnelle - OVHcloud- OVH","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://secunia.com/advisories/20077","name":"http://secunia.com/advisories/20077","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Mac OS X Security Update Fixes Multiple Vulnerabilities - Advisories - Secunia","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://www.securityfocus.com/bid/17951","name":"http://www.securityfocus.com/bid/17951","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apple Mac OS X Security Update 2006-003 Multiple Vulnerabilities","mime":"text/html","httpstatus":"200","archivestatus":"0"},{"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26420","name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26420","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"IBM X-Force Exchange","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html","name":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":["Patch"],"title":"APPLE-SA-2006-05-11 Security Update 2006-003","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"http://securitytracker.com/id?1016077","name":"http://securitytracker.com/id?1016077","refsource":"af854a3a-2127-422b-91ae-364da2661108","tags":[],"title":"Apple MySQL Manager Database Initialization Bug May Let Local Users Access the Database - SecurityTracker","mime":"text/html","httpstatus":"200","archivestatus":"200"},{"url":"https://www.cve.org/CVERecord?id=CVE-2006-1451","name":"CVE Program record","refsource":"CVE.ORG","tags":["canonical"]},{"url":"https://nvd.nist.gov/vuln/detail/CVE-2006-1451","name":"NVD vulnerability detail","refsource":"NVD","tags":["canonical","analysis"]}],"affected":[{"source":"CNA","vendor":"n/a","product":"n/a","version":"affected n/a","platforms":[]}],"timeline":[],"solutions":[],"workarounds":[],"exploits":[],"credits":[],"nvd_cpes":[{"cve_year":"2006","cve_id":"1451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"10.3.9","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"},{"cve_year":"2006","cve_id":"1451","vulnerable":"1","versionEndIncluding":"","cpe1":"cpe","cpe2":"2.3","cpe3":"o","cpe4":"apple","cpe5":"mac_os_x","cpe6":"10.4.6","cpe7":"*","cpe8":"*","cpe9":"*","cpe10":"*","cpe11":"*","cpe12":"*","cpe13":"*"}],"vendor_comments":[],"enrichments":{"kev":null,"epss":{"cve_year":"2006","cve_id":"1451","cve":"CVE-2006-1451","epss":"0.000700000","percentile":"0.212530000","score_date":"2026-04-20","updated_at":"2026-04-21 00:07:48"},"legacy_qids":[]},"source_records":{"cve_program":{"containers":{"adp":[{"providerMetadata":{"dateUpdated":"2024-08-07T17:12:22.336Z","orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE"},"references":[{"name":"17951","tags":["vdb-entry","x_refsource_BID","x_transferred"],"url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","tags":["vdb-entry","x_refsource_VUPEN","x_transferred"],"url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","tags":["third-party-advisory","x_refsource_CERT","x_transferred"],"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"APPLE-SA-2006-05-11","tags":["vendor-advisory","x_refsource_APPLE","x_transferred"],"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"macos-mysql-manager-blank-password(26420)","tags":["vdb-entry","x_refsource_XF","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26420"},{"name":"1016077","tags":["vdb-entry","x_refsource_SECTRACK","x_transferred"],"url":"http://securitytracker.com/id?1016077"},{"name":"20077","tags":["third-party-advisory","x_refsource_SECUNIA","x_transferred"],"url":"http://secunia.com/advisories/20077"},{"name":"25595","tags":["vdb-entry","x_refsource_OSVDB","x_transferred"],"url":"http://www.osvdb.org/25595"}],"title":"CVE Program Container"}],"cna":{"affected":[{"product":"n/a","vendor":"n/a","versions":[{"status":"affected","version":"n/a"}]}],"datePublic":"2006-05-11T00:00:00.000Z","descriptions":[{"lang":"en","value":"MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the \"New MySQL root password\" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database."}],"problemTypes":[{"descriptions":[{"description":"n/a","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2017-07-19T15:57:01.000Z","orgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","shortName":"mitre"},"references":[{"name":"17951","tags":["vdb-entry","x_refsource_BID"],"url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","tags":["vdb-entry","x_refsource_VUPEN"],"url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","tags":["third-party-advisory","x_refsource_CERT"],"url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"APPLE-SA-2006-05-11","tags":["vendor-advisory","x_refsource_APPLE"],"url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"macos-mysql-manager-blank-password(26420)","tags":["vdb-entry","x_refsource_XF"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26420"},{"name":"1016077","tags":["vdb-entry","x_refsource_SECTRACK"],"url":"http://securitytracker.com/id?1016077"},{"name":"20077","tags":["third-party-advisory","x_refsource_SECUNIA"],"url":"http://secunia.com/advisories/20077"},{"name":"25595","tags":["vdb-entry","x_refsource_OSVDB"],"url":"http://www.osvdb.org/25595"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"cve@mitre.org","ID":"CVE-2006-1451","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"n/a","version":{"version_data":[{"version_value":"n/a"}]}}]},"vendor_name":"n/a"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the \"New MySQL root password\" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"n/a"}]}]},"references":{"reference_data":[{"name":"17951","refsource":"BID","url":"http://www.securityfocus.com/bid/17951"},{"name":"ADV-2006-1779","refsource":"VUPEN","url":"http://www.vupen.com/english/advisories/2006/1779"},{"name":"TA06-132A","refsource":"CERT","url":"http://www.us-cert.gov/cas/techalerts/TA06-132A.html"},{"name":"APPLE-SA-2006-05-11","refsource":"APPLE","url":"http://lists.apple.com/archives/security-announce/2006/May/msg00003.html"},{"name":"macos-mysql-manager-blank-password(26420)","refsource":"XF","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/26420"},{"name":"1016077","refsource":"SECTRACK","url":"http://securitytracker.com/id?1016077"},{"name":"20077","refsource":"SECUNIA","url":"http://secunia.com/advisories/20077"},{"name":"25595","refsource":"OSVDB","url":"http://www.osvdb.org/25595"}]}}}},"cveMetadata":{"assignerOrgId":"8254265b-2729-46b6-b9e3-3dfca2d5bfca","assignerShortName":"mitre","cveId":"CVE-2006-1451","datePublished":"2006-05-12T21:00:00.000Z","dateReserved":"2006-03-28T00:00:00.000Z","dateUpdated":"2024-08-07T17:12:22.336Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"},"nvd":{"publishedDate":"2006-05-12 21:02:00","lastModifiedDate":"2025-04-03 01:03:51","problem_types":["NVD-CWE-Other","n/a"],"metrics":{"cvssMetricV2":[{"source":"nvd@nist.gov","type":"Primary","cvssData":{"version":"2.0","vectorString":"AV:L/AC:L/Au:N/C:C/I:C/A:C","baseScore":7.2,"accessVector":"LOCAL","accessComplexity":"LOW","authentication":"NONE","confidentialityImpact":"COMPLETE","integrityImpact":"COMPLETE","availabilityImpact":"COMPLETE"},"baseSeverity":"HIGH","exploitabilityScore":3.9,"impactScore":10,"acInsufInfo":false,"obtainAllPrivilege":true,"obtainUserPrivilege":false,"obtainOtherPrivilege":false,"userInteractionRequired":false}]},"configurations":[{"nodes":[{"operator":"OR","negate":false,"cpeMatch":[{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*","matchCriteriaId":"DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69"},{"vulnerable":true,"criteria":"cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*","matchCriteriaId":"BB0F2132-8431-4CEF-9A3D-A69425E3834E"}]}]}]},"legacy_mitre":{"record":{"CveYear":"2006","CveId":"1451","Ordinal":"1","Title":"CVE-2006-1451","CVE":"CVE-2006-1451","Year":"2006"},"notes":[{"CveYear":"2006","CveId":"1451","Ordinal":"1","NoteData":"MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the \"New MySQL root password\" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.","Type":"Description","Title":"CVE-2006-1451"},{"CveYear":"2006","CveId":"1451","Ordinal":"2","NoteData":"2006-05-12","Type":"Other","Title":"Published"},{"CveYear":"2006","CveId":"1451","Ordinal":"3","NoteData":"2017-07-19","Type":"Other","Title":"Modified"}]}}}