Local User Vulnerability in MySQL and MariaDB on openSUSE and SUSE Linux Enterprise
CVE-2015-5969
6.2MEDIUM
Key Information:
- Vendor
- Suse
- Status
- Vendor
- CVE Published:
- 8 April 2016
Summary
A vulnerability exists in the mysql-systemd-helper script of the mysql-community-server package, as well as in the mariadb package, on specific openSUSE and SUSE Linux Enterprise versions. This weakness allows local users to enumerate running processes and their arguments, potentially exposing sensitive database credentials to unauthorized individuals.
References
CVSS V3.1
Score:
6.2
Severity:
MEDIUM
Confidentiality:
High
Integrity:
None
Availability:
High
Attack Vector:
Local
Attack Complexity:
Low
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged
Timeline
Vulnerability published
Vulnerability Reserved