Published: 21/07/2016 Updated: 27/12/2019

CVSS v2 Base Score: 4.3 | Impact Score: 2.9 | Exploitability Score: 8.6

CVSS v3 Base Score: 3.7 | Impact Score: 1.4 | Exploitability Score: 2.2

VMScore: 383

Vector: AV:N/AC:M/Au:N/C:P/I:N/A:N

Unspecified vulnerability in Oracle MySQL 5.5.48 and previous versions, 5.6.29 and previous versions, and 5.7.11 and previous versions and MariaDB prior to 5.5.49, 10.0.x prior to 10.0.25, and 10.1.x prior to 10.1.14 allows remote malicious users to affect confidentiality via vectors related to Server: Connection.

Vulnerable Product	Search on Vulmon	Subscribe to Product
oracle mysql
mariadb mariadb
ibm powerkvm 3.1
ibm powerkvm 2.1
redhat enterprise linux server aus 7.4
redhat enterprise linux 6.0
redhat enterprise linux server aus 7.2
redhat enterprise linux workstation 7.0
redhat enterprise linux server tus 7.2
redhat enterprise linux server tus 7.3
redhat enterprise linux server tus 7.6
redhat enterprise linux server aus 7.3
redhat enterprise linux server 7.0
redhat enterprise linux server eus 7.2
redhat enterprise linux server eus 7.3
redhat enterprise linux server eus 7.4
redhat enterprise linux server aus 7.6
redhat enterprise linux 7.0
redhat enterprise linux server eus 7.5
redhat enterprise linux server eus 7.6
redhat enterprise linux desktop 7.0
oracle linux 7

It was found that the MariaDB client library did not properly check host names against server identities noted in the X509 certificates when establishing secure connections using TLS/SSL A man-in-the-middle attacker could possibly use this flaw to impersonate a server to a client (CVE-2016-2047) Unspecified vulnerability in Oracle MySQL 5546 a ...

NVD-CWE-noinfo http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html https://mariadb.com/kb/en/mariadb/mariadb-10025-release-notes/https://mariadb.com/kb/en/mariadb/mariadb-5549-release-notes/https://mariadb.com/kb/en/mariadb/mariadb-10114-release-notes/http://www.securityfocus.com/bid/91787 http://rhn.redhat.com/errata/RHSA-2016-0705.html http://www.oracle.com/technetwork/topics/security/linuxbulletinjul2016-3090544.html http://www-01.ibm.com/support/docview.wss?uid=isg3T1024168 http://rhn.redhat.com/errata/RHSA-2016-1602.html http://www.securityfocus.com/bid/91987 http://www.securitytracker.com/id/1036362 https://access.redhat.com/errata/RHSA-2016:1132 http://rhn.redhat.com/errata/RHSA-2016-1481.html http://rhn.redhat.com/errata/RHSA-2016-1480.html https://nvd.nist.gov https://alas.aws.amazon.com/ALAS-2016-738.html

CVE-2016-5444

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect