Vulnerability Details CVE-2016-5590
Vulnerability in the MySQL Enterprise Monitor component of Oracle MySQL (subcomponent: Monitoring: Agent). Supported versions that are affected are 3.1.3.7856 and earlier. Easily exploitable vulnerability allows high privileged attacker with network access via TLS to compromise MySQL Enterprise Monitor. Successful attacks of this vulnerability can result in takeover of MySQL Enterprise Monitor. CVSS v3.0 Base Score 7.2 (Confidentiality, Integrity and Availability impacts).
Exploit prediction scoring system (EPSS) score
EPSS Score 0.008
EPSS Ranking 72.8%
CVSS Severity
CVSS v3 Score 7.2
CVSS v2 Score 6.5
References
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
- http://www.securityfocus.com/bid/95542
- http://www.securitytracker.com/id/1037640
- http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
- http://www.securityfocus.com/bid/95542
- http://www.securitytracker.com/id/1037640
Products affected by CVE-2016-5590
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:-
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:2.3.14
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.25
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.0.4
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.0
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.1
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.2
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3
-
cpe:2.3:a:oracle:mysql_enterprise_monitor:3.1.3.7856