CVE-2014-6559
First published: Wed Oct 15 2014(Updated: )
Unspecified vulnerability in Oracle MySQL Server 5.5.39 and earlier, and 5.6.20 and earlier, allows remote attackers to affect confidentiality via vectors related to C API SSL CERTIFICATE HANDLING.
Credit: secalert_us@oracle.com
| Affected Software | Affected Version | How to fix |
|---|---|---|
| Juniper Networks Junos Space | <=15.1 | |
| Ariadne CMS | >=5.5.0<5.5.40 | |
| Ariadne CMS | >=10.0.0<10.0.15 | |
| Oracle Solaris SPARC | =11.3 | |
| MySQL | >=5.5.0<=5.5.39 | |
| MySQL | >=5.6.0<=5.6.20 | |
| SUSE Linux Enterprise Desktop with Beagle | =12 | |
| SUSE Linux Enterprise Server | =12 | |
| SUSE Linux Enterprise Software Development Kit | =12 | |
| SUSE Linux Enterprise Workstation Extension | =12 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10698
- http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
- http://secunia.com/advisories/61579
- http://secunia.com/advisories/62073
- http://security.gentoo.org/glsa/glsa-201411-02.xml
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
- http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
- http://www.securityfocus.com/bid/70487
Frequently Asked Questions
What is the severity of CVE-2014-6559?
CVE-2014-6559 is classified as a medium-severity vulnerability due to its potential impact on confidentiality.
How do I fix CVE-2014-6559?
To fix CVE-2014-6559, update Oracle MySQL Server to a version later than 5.5.39 or 5.6.20.
Which software is affected by CVE-2014-6559?
CVE-2014-6559 affects Oracle MySQL Server versions 5.5.39 and earlier, and 5.6.20 and earlier, along with certain versions of MariaDB and Juniper's Junos Space.
What are the potential consequences of exploiting CVE-2014-6559?
Exploiting CVE-2014-6559 can lead to unauthorized access to sensitive data, compromising the confidentiality of the affected systems.
Is there a workaround for CVE-2014-6559?
There are no recommended workarounds for CVE-2014-6559; updating the software is the advised mitigation.
- agent/type
- agent/references
- agent/severity
- agent/remedy
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/source
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- agent/software-canonical-lookup-request
- vendor/juniper
- canonical/juniper networks junos space
- version/juniper networks junos space/15.1
- vendor/mariadb
- canonical/ariadne cms
- version/ariadne cms/5.5.0
- version/ariadne cms/10.0.0
- vendor/oracle
- canonical/oracle solaris sparc
- version/oracle solaris sparc/11.3
- canonical/mysql
- version/mysql/5.5.0
- version/mysql/5.5.39
- version/mysql/5.6.0
- version/mysql/5.6.20
- vendor/suse
- canonical/suse linux enterprise desktop with beagle
- version/suse linux enterprise desktop with beagle/12
- canonical/suse linux enterprise server
- version/suse linux enterprise server/12
- canonical/suse linux enterprise software development kit
- version/suse linux enterprise software development kit/12
- canonical/suse linux enterprise workstation extension
- version/suse linux enterprise workstation extension/12