First published: Wed Apr 16 2014(Updated: )
Unspecified vulnerability in Oracle MySQL Server 5.5.36 and earlier and 5.6.16 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to RBR.
Credit: secalert_us@oracle.com
Affected Software | Affected Version | How to fix |
---|---|---|
MySQL | >=5.5.0<=5.5.36 | |
MySQL | >=5.6.0<=5.6.16 | |
Oracle Solaris SPARC | =11.3 | |
Mariadb Mariadb | >=5.5.0<5.5.37 | |
Mariadb Mariadb | >=10.0.0<10.0.11 | |
redhat enterprise Linux desktop | =5.0 | |
redhat enterprise Linux desktop | =7.0 | |
redhat enterprise Linux eus | =7.3 | |
redhat enterprise Linux eus | =7.4 | |
redhat enterprise Linux eus | =7.5 | |
redhat enterprise Linux eus | =7.6 | |
redhat enterprise Linux eus | =7.7 | |
redhat enterprise Linux server | =5.0 | |
redhat enterprise Linux server | =7.0 | |
redhat enterprise Linux server aus | =7.3 | |
redhat enterprise Linux server aus | =7.4 | |
redhat enterprise Linux server aus | =7.6 | |
redhat enterprise Linux server aus | =7.7 | |
redhat enterprise Linux server tus | =7.3 | |
redhat enterprise Linux server tus | =7.6 | |
redhat enterprise Linux server tus | =7.7 | |
redhat enterprise Linux workstation | =5.0 | |
redhat enterprise Linux workstation | =7.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
CVE-2014-2436 has a severity rating that indicates it allows remote authenticated users to potentially compromise confidentiality, integrity, and availability of affected systems.
To fix CVE-2014-2436, upgrade to MySQL Server versions 5.5.37 or later or 5.6.17 or later, and ensure that all configurations are securely managed.
CVE-2014-2436 affects MySQL Server versions 5.5.36 and earlier, and 5.6.16 and earlier.
Yes, CVE-2014-2436 can affect MariaDB versions prior to 5.5.37 and 10.0.11.
Yes, several versions of Red Hat Enterprise Linux are vulnerable to CVE-2014-2436, including version 5.0 and versions from 7.0 to 7.7.