CVE-2013-5807

Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication.

CVSS v2.0 4.9 MEDIUM

4.9^/10

CVSS v2.0 : MEDIUM

Vector : AV:N/AC:M/Au:S/C:P/I:P/A:N

Exploitability : 6.8 / Impact : 4.9

Access Vector NETWORK

Access Complexity MEDIUM

Authentication SINGLE

Confidentiality Impact PARTIAL

Integrity Impact PARTIAL

Availability Impact NONE

References

Link	Resource
http://rhn.redhat.com/errata/RHSA-2014-0173.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0186.html	Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2014-0189.html	Third Party Advisory
http://security.gentoo.org/glsa/glsa-201409-04.xml	Third Party Advisory
http://www.debian.org/security/2013/dsa-2818	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html	Vendor Advisory
http://www.securityfocus.com/bid/63105	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1029184	Broken Link Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-2006-1	Third Party Advisory

Configurations

Configuration 1 (hide)

OR	cpe:2.3:a:oracle:mysql::::::::
	cpe:2.3:a:oracle:mysql::::::::

Configuration 2 (hide)

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 3 (hide)

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 4 (hide)

OR	cpe:2.3:o:canonical:ubuntu_linux:10.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.04::::-:::
	cpe:2.3:o:canonical:ubuntu_linux:12.10:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.04:::::::*
	cpe:2.3:o:canonical:ubuntu_linux:13.10:::::::*

Configuration 5 (hide)

OR	cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_server:5.0:::::::*
	cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:::::::*

History

No history.

Information

Published : 2013-10-16 17:55

Updated : 2022-08-04 19:59

NVD link : CVE-2013-5807

Mitre link : CVE-2013-5807

CVE.ORG link : CVE-2013-5807

JSON object : View

Products Affected

redhat

enterprise_linux_server
enterprise_linux_desktop
enterprise_linux_workstation

mariadb

mariadb

canonical

ubuntu_linux

oracle

mysql

debian

debian_linux

CWE

NVD-CWE-noinfo

{"id": "CVE-2013-5807", "cveTags": [], "metrics": {"cvssMetricV2": [{"type": "Primary", "source": "nvd@nist.gov", "cvssData": {"version": "2.0", "baseScore": 4.9, "accessVector": "NETWORK", "vectorString": "AV:N/AC:M/Au:S/C:P/I:P/A:N", "authentication": "SINGLE", "integrityImpact": "PARTIAL", "accessComplexity": "MEDIUM", "availabilityImpact": "NONE", "confidentialityImpact": "PARTIAL"}, "acInsufInfo": false, "impactScore": 4.9, "baseSeverity": "MEDIUM", "obtainAllPrivilege": false, "exploitabilityScore": 6.8, "obtainUserPrivilege": false, "obtainOtherPrivilege": false, "userInteractionRequired": false}]}, "published": "2013-10-16T17:55:05.427", "references": [{"url": "http://rhn.redhat.com/errata/RHSA-2014-0173.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0186.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://rhn.redhat.com/errata/RHSA-2014-0189.html", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://security.gentoo.org/glsa/glsa-201409-04.xml", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.debian.org/security/2013/dsa-2818", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.oracle.com/technetwork/topics/security/cpuoct2013-1899837.html", "tags": ["Vendor Advisory"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securityfocus.com/bid/63105", "tags": ["Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.securitytracker.com/id/1029184", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "source": "secalert_us@oracle.com"}, {"url": "http://www.ubuntu.com/usn/USN-2006-1", "tags": ["Third Party Advisory"], "source": "secalert_us@oracle.com"}], "vulnStatus": "Analyzed", "weaknesses": [{"type": "Primary", "source": "nvd@nist.gov", "description": [{"lang": "en", "value": "NVD-CWE-noinfo"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in Oracle MySQL Server 5.5.x through 5.5.32 and 5.6.x through 5.6.12 allows remote authenticated users to affect confidentiality and integrity via unknown vectors related to Replication."}, {"lang": "es", "value": "Vulnerabilidad no especificada en Oracle MySQL Server 5.5.x hasta 5.5.32 y 5.6.x hasta 5.6.x hasta 5.6.12 permite a usuarios remotos autenticados afectar la confidencialidad e integridad a trav\u00e9s de vectores desconocidos relacionados con Replication."}], "lastModified": "2022-08-04T19:59:18.573", "configurations": [{"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "977E3786-8AC9-4C39-9716-0057D8BA83E7", "versionEndIncluding": "5.5.32", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D401A597-0EDF-4FF8-926A-2A75B69D59D5", "versionEndIncluding": "5.6.12", "versionStartIncluding": "5.6.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "CD779511-590A-4D64-AB43-D24458EC6F37", "versionEndExcluding": "5.5.33", "versionStartIncluding": "5.5.0"}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "396FAE59-4AE1-4D13-90EB-A5F4F2168E70", "versionEndExcluding": "10.0.5", "versionStartIncluding": "10.0.0"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:canonical:ubuntu_linux:10.04:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "01EDA41C-6B2E-49AF-B503-EB3882265C11"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:-:*:*:*", "vulnerable": true, "matchCriteriaId": "CB66DB75-2B16-4EBF-9B93-CE49D8086E41"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:12.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "E2076871-2E80-4605-A470-A41C1A8EC7EE"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.04:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "EFAA48D9-BEB4-4E49-AD50-325C262D46D9"}, {"criteria": "cpe:2.3:o:canonical:ubuntu_linux:13.10:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "7F61F047-129C-41A6-8A27-FFCBB8563E91"}], "operator": "OR"}]}, {"nodes": [{"negate": false, "cpeMatch": [{"criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "133AAFA7-AF42-4D7B-8822-AA2E85611BF5"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "54D669D4-6D7E-449D-80C1-28FA44F06FFE"}, {"criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*", "vulnerable": true, "matchCriteriaId": "D0AC5CD5-6E58-433C-9EB3-6DFE5656463E"}], "operator": "OR"}]}], "sourceIdentifier": "secalert_us@oracle.com"}