Remote Code Execution Vulnerability in MySQL Connector by Oracle
CVE-2016-5598

5.6MEDIUM

Key Information:

Vendor
Oracle
Status
Mysql Connector\/python
Vendor
CVE Published:
25 October 2016

Summary

An unspecified vulnerability in Oracle's MySQL Connector 2.1.3 and earlier, including 2.0.4 and earlier versions, allows remote attackers to compromise the confidentiality, integrity, and availability of systems using the Connector/Python. This vulnerability poses significant risks that could lead to unauthorized access and data breaches, potentially affecting a wide range of applications dependent on these components.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93653
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037050
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.