CVE-2015-5969
Publication date 8 April 2016
Last updated 24 July 2024
Ubuntu priority
Cvss 3 Severity Score
The mysql-systemd-helper script in the mysql-community-server package before 5.6.28-2.17.1 in openSUSE 13.2 and before 5.6.28-13.1 in openSUSE Leap 42.1 and the mariadb package before 10.0.22-2.21.2 in openSUSE 13.2 and before 10.0.22-3.1 in SUSE Linux Enterprise (SLE) 12.1 and openSUSE Leap 42.1 allows local users to discover database credentials by listing a process and its arguments.
Status
Package | Ubuntu Release | Status |
---|---|---|
mariadb-10.0 | ||
14.04 LTS trusty | Not in release | |
mariadb-5.5 | ||
14.04 LTS trusty | Not in release | |
mysql-5.5 | ||
14.04 LTS trusty |
Not affected
|
|
mysql-5.6 | ||
14.04 LTS trusty | Not in release | |
percona-server-5.6 | ||
14.04 LTS trusty | Not in release | |
percona-xtradb-cluster-5.5 | ||
14.04 LTS trusty | Not in release | |
percona-xtradb-cluster-5.6 | ||
14.04 LTS trusty | Not in release | |
Notes
Severity score breakdown
Parameter | Value |
---|---|
Base score |
|
Attack vector | Local |
Attack complexity | Low |
Privileges required | None |
User interaction | None |
Scope | Unchanged |
Confidentiality | High |
Integrity impact | None |
Availability impact | None |
Vector | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |