IBM Support

Security Bulletin: vulnerabilities in OpenSource Oracle MySQL Server affect IBM Security Guardium

Security Bulletin


Summary

An unspecified vulnerability in Oracle MySQL Server related to the Server could allow a remote attacker to cause a denial of service

Vulnerability Details

CVEID: CVE-2015-2582
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : GIS component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104760 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2617
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Partition component has partial confidentiality impact, partial integrity impact, and partial availability impact.
CVSS Base Score: 6.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104757 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:P/I:P/A:P)

CVEID: CVE-2015-2611
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : DML component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104759 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2639
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component has no confidentiality impact, partial integrity impact, and no availability impact.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104770 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:P/A:N)

CVEID: CVE-2015-2641
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Privileges component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104772 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2643
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Optimizer component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104763 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2648
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : DML component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104758 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-2661
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Client component could allow a local attacker to cause a denial of service.
CVSS Base Score: 2.1
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104773 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:L/AC:L/Au:N/C:N/I:N/A:P)

CVEID: CVE-2015-4752
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : I_S component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104761 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4761
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Memcached component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104765 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4767
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 1.7
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104774 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:H/Au:M/C:N/I:N/A:P)

CVEID: CVE-2015-4769
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Security : Firewall component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104769 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4772
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : Partition component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 4
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104764 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:L/Au:S/C:N/I:N/A:P)

CVEID: CVE-2015-4771
DESCRIPTION:
 An unspecified vulnerability in Oracle MySQL Server related to the Server : RBR component could allow a remote attacker to cause a denial of service.
CVSS Base Score: 3.5
CVSS Temporal Score: See https://exchange.xforce.ibmcloud.com/vulnerabilities/104768 for the current score
CVSS Environmental Score*: Undefined
CVSS Vector: (AV:N/AC:M/Au:S/C:N/I:N/A:P)

Affected Products and Versions

9x, 10

Get Notified about Future Security Bulletins

References

Off

*The CVSS Environment Score is customer environment specific and will ultimately impact the Overall CVSS Score. Customers can evaluate the impact of this vulnerability in their environments by accessing the links in the Reference section of this Security Bulletin.

Disclaimer

Review the IBM security bulletin disclaimer and definitions regarding your responsibilities for assessing potential impact of security vulnerabilities to your environment.

[{"Product":{"code":"SSMPHH","label":"IBM Security Guardium"},"Business Unit":{"code":"BU059","label":"IBM Software w\/o TPS"},"Component":"Not Applicable","Platform":[{"code":"PF016","label":"Linux"}],"Version":"9.1;9.0;10.0;9.5","Edition":"","Line of Business":{"code":"LOB24","label":"Security Software"}}]

Document Information

Modified date:
16 June 2018

UID

swg21966735