Remote Code Execution Vulnerability in MySQL Connector by Oracle
CVE-2016-5598

5.6MEDIUM

Key Information:

Vendor

Oracle
Status
Mysql Connector\/python
Vendor
CVE Published:
25 October 2016

What is CVE-2016-5598?

An unspecified vulnerability in Oracle's MySQL Connector 2.1.3 and earlier, including 2.0.4 and earlier versions, allows remote attackers to compromise the confidentiality, integrity, and availability of systems using the Connector/Python. This vulnerability poses significant risks that could lead to unauthorized access and data breaches, potentially affecting a wide range of applications dependent on these components.

References

http://www.oracle.com/technetwork/security-advisory/cpuoc...
x_refsource_CONFIRM
http://www.securityfocus.com/bid/93653
vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1037050
vdb-entryx_refsource_SECTRACK

CVSS V3.1

Score:
5.6
Severity:
MEDIUM
Confidentiality:
Low
Integrity:
Low
Availability:
Low
Attack Vector:
Network
Attack Complexity:
High
Privileges Required:
None
User Interaction:
None
Scope:
Unchanged

Timeline

  • Vulnerability published

  • Vulnerability Reserved

.