Vulnerability Name: | CCN-116644 | ||||||
Published: | 2016-09-05 | ||||||
Updated: | 2016-09-05 | ||||||
Summary: | MySQL could allow a local authenticated attacker to obtain sensitive information, caused by the storing of user credentials in plaintext in the process memory. An attacker could exploit this vulnerability by dumping the process memory to view user credentials. | ||||||
CVSS v3 Severity: | 3.3 Low (CCN CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N) 3.0 Low (CCN Temporal CVSS v3.1 Vector: CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:L/I:N/A:N/E:P/RL:U/RC:R)
| ||||||
CVSS v2 Severity: | 1.7 Low (CCN CVSS v2 Vector: AV:L/AC:L/Au:S/C:P/I:N/A:N)
| ||||||
Vulnerability Consequences: | Obtain Information | ||||||
References: | Source: XF Type: UNKNOWN mysql-memory-info-disc(116644) Source: CCN Type: Packet Storm Security [09-05-2016] MySQL 5.5.45 64bit Local Credential Dislcosure Source: EXPLOIT-DB Type: EXPLOIT Offensive Security Exploit Database [09-05-2016] Source: CCN Type: MySQL Web site MySQL | ||||||
Vulnerable Configuration: | Configuration CCN 1: Denotes that component is vulnerable | ||||||
BACK |