1. CVE-Search
  2. CVE-2014-2438
ID CVE-2014-2438
Summary Unspecified vulnerability in Oracle MySQL Server 5.5.35 and earlier and 5.6.15 and earlier allows remote authenticated users to affect availability via unknown vectors related to Replication.
References
Vulnerable Configurations
  • cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.15:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.16:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.17:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.18:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.25:a:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.26:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.29:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.29:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.30:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.30:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.31:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.31:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.32:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.32:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.33:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.33:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.34:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.34:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.5.35:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.5.35:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:enterprise:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.0:*:*:*:enterprise:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.1:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.1:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.2:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.2:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.3:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.3:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.4:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.4:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.5:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.5:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.6:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.6:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.7:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.7:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.8:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.8:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.9:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.9:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.10:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.10:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.11:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.11:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.12:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.12:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.13:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.13:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.14:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.14:*:*:*:*:*:*:*
  • cpe:2.3:a:oracle:mysql:5.6.15:*:*:*:*:*:*:*
    cpe:2.3:a:oracle:mysql:5.6.15:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.20:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.21:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.22:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.23:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.24:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.25:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.27:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.33:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.33:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.33:a:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.33:a:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.34:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.34:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:5.5.35:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:5.5.35:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.1:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.2:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.3:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.4:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.5:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.6:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.7:*:*:*:*:*:*:*
  • cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*
    cpe:2.3:a:mariadb:mariadb:10.0.8:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_workstation:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_desktop:5.0:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.3:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.4:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.5:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_eus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_aus:7.7:*:*:*:*:*:*:*
  • cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
    cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*
CVSS
Base: 3.5 (as of 16-09-2022 - 19:57)
Impact:
Exploitability:
CWE NVD-CWE-noinfo
CAPEC
Access
VectorComplexityAuthentication
NETWORK MEDIUM SINGLE
Impact
ConfidentialityIntegrityAvailability
NONE NONE PARTIAL
cvss-vector via4 AV:N/AC:M/Au:S/C:N/I:N/A:P
redhat via4
advisories
  • bugzilla
    id 1088197
    title CVE-2014-2440 mysql: unspecified vulnerability related to Client (CPU April 2014)
    oval
    OR
    • comment Red Hat Enterprise Linux must be installed
      oval oval:com.redhat.rhba:tst:20070304026
    • AND
      • comment Red Hat Enterprise Linux 5 is installed
        oval oval:com.redhat.rhba:tst:20070331005
      • OR
        • AND
          • comment mysql55-mysql is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536001
          • comment mysql55-mysql is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186002
        • AND
          • comment mysql55-mysql-bench is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536003
          • comment mysql55-mysql-bench is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186004
        • AND
          • comment mysql55-mysql-devel is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536005
          • comment mysql55-mysql-devel is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186006
        • AND
          • comment mysql55-mysql-libs is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536007
          • comment mysql55-mysql-libs is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186008
        • AND
          • comment mysql55-mysql-server is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536009
          • comment mysql55-mysql-server is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186010
        • AND
          • comment mysql55-mysql-test is earlier than 0:5.5.37-1.el5
            oval oval:com.redhat.rhsa:tst:20140536011
          • comment mysql55-mysql-test is signed with Red Hat redhatrelease key
            oval oval:com.redhat.rhsa:tst:20140186012
    rhsa
    id RHSA-2014:0536
    released 2014-05-22
    severity Moderate
    title RHSA-2014:0536: mysql55-mysql security update (Moderate)
  • rhsa
    id RHSA-2014:0522
  • rhsa
    id RHSA-2014:0537
  • rhsa
    id RHSA-2014:0702
rpms
  • mariadb55-mariadb-0:5.5.37-1.3.el6
  • mariadb55-mariadb-bench-0:5.5.37-1.3.el6
  • mariadb55-mariadb-debuginfo-0:5.5.37-1.3.el6
  • mariadb55-mariadb-devel-0:5.5.37-1.3.el6
  • mariadb55-mariadb-libs-0:5.5.37-1.3.el6
  • mariadb55-mariadb-server-0:5.5.37-1.3.el6
  • mariadb55-mariadb-test-0:5.5.37-1.3.el6
  • mysql55-mysql-0:5.5.37-1.el5
  • mysql55-mysql-bench-0:5.5.37-1.el5
  • mysql55-mysql-debuginfo-0:5.5.37-1.el5
  • mysql55-mysql-devel-0:5.5.37-1.el5
  • mysql55-mysql-libs-0:5.5.37-1.el5
  • mysql55-mysql-server-0:5.5.37-1.el5
  • mysql55-mysql-test-0:5.5.37-1.el5
  • mysql55-mysql-0:5.5.37-1.2.el6
  • mysql55-mysql-bench-0:5.5.37-1.2.el6
  • mysql55-mysql-debuginfo-0:5.5.37-1.2.el6
  • mysql55-mysql-devel-0:5.5.37-1.2.el6
  • mysql55-mysql-libs-0:5.5.37-1.2.el6
  • mysql55-mysql-server-0:5.5.37-1.2.el6
  • mysql55-mysql-test-0:5.5.37-1.2.el6
  • mariadb-1:5.5.37-1.el7_0
  • mariadb-bench-1:5.5.37-1.el7_0
  • mariadb-debuginfo-1:5.5.37-1.el7_0
  • mariadb-devel-1:5.5.37-1.el7_0
  • mariadb-embedded-1:5.5.37-1.el7_0
  • mariadb-embedded-devel-1:5.5.37-1.el7_0
  • mariadb-libs-1:5.5.37-1.el7_0
  • mariadb-server-1:5.5.37-1.el7_0
  • mariadb-test-1:5.5.37-1.el7_0
refmap via4
bid 66846
confirm http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html
gentoo GLSA-201409-04
Last major update 16-09-2022 - 19:57
Published 16-04-2014 - 02:55
Last modified 16-09-2022 - 19:57
Back to Top