CVE-2014-2494

Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier allows remote authenticated users to affect availability via vectors related to ENARC.

CVSS v2.0 4.0 MEDIUM

4.0^/10

CVSS v2.0 : MEDIUM

V2 Legend

Vector : AV:N/AC:L/Au:S/C:N/I:N/A:P

Exploitability : 8.0 / Impact : 2.9

Access Vector NETWORK

Access Complexity LOW

Authentication SINGLE

Confidentiality Impact NONE

Integrity Impact NONE

Availability Impact PARTIAL

References

Link	Resource
http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html	Mailing List Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html	Mailing List Third Party Advisory
http://seclists.org/fulldisclosure/2014/Dec/23	Mailing List Third Party Advisory
http://secunia.com/advisories/60425	Not Applicable
http://www.debian.org/security/2014/dsa-2985	Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html	Vendor Advisory
http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html	Vendor Advisory
http://www.securityfocus.com/archive/1/534161/100/0/threaded	Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1030578	Broken Link Third Party Advisory VDB Entry
http://www.vmware.com/security/advisories/VMSA-2014-0012.html	Third Party Advisory

Configurations

Configuration 1 (hide)

cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*

Configuration 2 (hide)

OR	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_desktop:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::*
	cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::*
	cpe:2.3:o:suse:linux_enterprise_server:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3::::::
	cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-::::::
	cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-::::::

Configuration 3 (hide)

OR	cpe:2.3:a:mariadb:mariadb::::::::
	cpe:2.3:a:mariadb:mariadb::::::::

Configuration 4 (hide)

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

History

26 Aug 2022, 16:12

Type	Values Removed	Values Added
First Time		Suse linux Enterprise Server Mariadb Mariadb mariadb Debian Suse linux Enterprise Software Development Kit Debian debian Linux Suse linux Enterprise Desktop Suse Suse linux Enterprise Workstation Extension
References	~~(CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html -~~	(CONFIRM) http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html - Vendor Advisory
References	~~(FULLDISC) http://seclists.org/fulldisclosure/2014/Dec/23 -~~	(FULLDISC) http://seclists.org/fulldisclosure/2014/Dec/23 - Mailing List, Third Party Advisory
References	~~(SECUNIA) http://secunia.com/advisories/60425 -~~	(SECUNIA) http://secunia.com/advisories/60425 - Not Applicable
References	~~(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2014-0012.html -~~	(CONFIRM) http://www.vmware.com/security/advisories/VMSA-2014-0012.html - Third Party Advisory
References	~~(SECTRACK) http://www.securitytracker.com/id/1030578 -~~	(SECTRACK) http://www.securitytracker.com/id/1030578 - Broken Link, Third Party Advisory, VDB Entry
References	~~(BUGTRAQ) http://www.securityfocus.com/archive/1/534161/100/0/threaded -~~	(BUGTRAQ) http://www.securityfocus.com/archive/1/534161/100/0/threaded - Third Party Advisory, VDB Entry
References	~~(DEBIAN) http://www.debian.org/security/2014/dsa-2985 -~~	(DEBIAN) http://www.debian.org/security/2014/dsa-2985 - Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html - Mailing List, Third Party Advisory
References	~~(SUSE) http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html -~~	(SUSE) http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html - Mailing List, Third Party Advisory
CPE	cpe:2.3:a:oracle:mysql:5.5.19:::::::* cpe:2.3:a:oracle:mysql:5.5.10:::::::* cpe:2.3:a:oracle:mysql:5.5.29:::::::* cpe:2.3:a:oracle:mysql:5.5.22:::::::* cpe:2.3:a:oracle:mysql:5.5.31:::::::* cpe:2.3:a:oracle:mysql:5.5.24:::::::* cpe:2.3:a:oracle:mysql:5.5.21:::::::* cpe:2.3:a:oracle:mysql:5.5.30:::::::* cpe:2.3:a:oracle:mysql:5.5.17:::::::* cpe:2.3:a:oracle:mysql:5.5.25:::::::* cpe:2.3:a:oracle:mysql:5.5.32:::::::* cpe:2.3:a:oracle:mysql:5.5.34:::::::* cpe:2.3:a:oracle:mysql:5.5.26:::::::* cpe:2.3:a:oracle:mysql:5.5.36:::::::* cpe:2.3:a:oracle:mysql:5.5.12:::::::* cpe:2.3:a:oracle:mysql:5.5.28:::::::* cpe:2.3:a:oracle:mysql:5.5.20:::::::* cpe:2.3:a:oracle:mysql:5.5.13:::::::* cpe:2.3:a:oracle:mysql:5.5.11:::::::* cpe:2.3:a:oracle:mysql:5.5.35:::::::* cpe:2.3:a:oracle:mysql:5.5.25:a:::::: cpe:2.3:a:oracle:mysql:5.5.15:::::::* cpe:2.3:a:oracle:mysql:5.5.18:::::::* cpe:2.3:a:oracle:mysql:5.5.33:::::::* cpe:2.3:a:oracle:mysql:5.5.14:::::::* cpe:2.3:a:oracle:mysql:5.5.23:::::::* cpe:2.3:a:oracle:mysql:5.5.27:::::::* cpe:2.3:a:oracle:mysql:5.5.16:::::::*	cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:::::: cpe:2.3:a:mariadb:mariadb:::::::: cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::vmware::* cpe:2.3:o:suse:linux_enterprise_server:12:-:::::: cpe:2.3:o:suse:linux_enterprise_desktop:12:-:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:::::: cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:::::: cpe:2.3:o:suse:linux_enterprise_server:11:sp3::::-::* cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:-:::::: cpe:2.3:o:debian:debian_linux:7.0:::::::*

Information

Published : 2014-07-17 05:10

Updated : 2023-12-10 11:31

NVD link : CVE-2014-2494

Mitre link : CVE-2014-2494

CVE.ORG link : CVE-2014-2494

JSON object : View

Products Affected

mariadb

mariadb

oracle

mysql

suse

linux_enterprise_server
linux_enterprise_workstation_extension
linux_enterprise_desktop
linux_enterprise_software_development_kit

debian

debian_linux

CWE

NVD-CWE-noinfo

4.0 /10