{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2013-07-16T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2017-08-28T12:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"name": "95330", "tags": ["vdb-entry", "x_refsource_OSVDB"], "url": "http://osvdb.org/95330"}, {"name": "53372", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/53372"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"name": "GLSA-201308-06", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"}, {"name": "openSUSE-SU-2013:1335", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"name": "oracle-cpujuly2013-cve20133808(85717)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"}, {"name": "SUSE-SU-2013:1390", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"name": "openSUSE-SU-2013:1410", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"name": "SUSE-SU-2013:1529", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2013-3808", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "95330", "refsource": "OSVDB", "url": "http://osvdb.org/95330"}, {"name": "53372", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/53372"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"name": "GLSA-201308-06", "refsource": "GENTOO", "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"}, {"name": "openSUSE-SU-2013:1335", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"name": "oracle-cpujuly2013-cve20133808(85717)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"}, {"name": "SUSE-SU-2013:1390", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"name": "openSUSE-SU-2013:1410", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"name": "SUSE-SU-2013:1529", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T16:22:01.050Z"}, "title": "CVE Program Container", "references": [{"name": "95330", "tags": ["vdb-entry", "x_refsource_OSVDB", "x_transferred"], "url": "http://osvdb.org/95330"}, {"name": "53372", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/53372"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"name": "GLSA-201308-06", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"}, {"name": "openSUSE-SU-2013:1335", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"name": "oracle-cpujuly2013-cve20133808(85717)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"}, {"name": "SUSE-SU-2013:1390", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"name": "openSUSE-SU-2013:1410", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"name": "SUSE-SU-2013:1529", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2013-3808", "datePublished": "2013-07-17T10:00:00", "dateReserved": "2013-06-03T00:00:00", "dateUpdated": "2024-08-06T16:22:01.050Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "E0DADE39-B64F-4B39-B1BC-321246990D9E", "versionEndIncluding": "5.1.68", "versionStartIncluding": "5.1.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7F211A4F-DE9A-4C0E-8DF9-905A6BB3045A", "versionEndIncluding": "5.5.30", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "7BF9E1EE-E431-43B6-8A8F-D6735D1B1662", "versionEndIncluding": "5.6.10", "versionStartIncluding": "5.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "A0C34802-52CC-4BFF-9ACD-043469E340C1", "versionEndExcluding": "5.5.31", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "5AEC5D32-B35E-4013-A2E5-129FDA9D5EBB", "versionEndExcluding": "10.0.3", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse:opensuse:11.4:*:*:*:*:*:*:*", "matchCriteriaId": "DE554781-1EB9-446E-911F-6C11970C47F4", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.2:*:*:*:*:*:*:*", "matchCriteriaId": "D806A17E-B8F9-466D-807D-3F1E77603DC8", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse:opensuse:12.3:*:*:*:*:*:*:*", "matchCriteriaId": "DFBF430B-0832-44B0-AA0E-BA9E467F7668", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."}, {"lang": "es", "value": "Vulnerabilidad sin especificar en el componente MySQL Server en Oracle MySQL 5.5.30 y anteriores, 5.1.68 y anteriores y 5.6.10 y anteriores, permite a usuarios autenticados remotamente comprometer la disponibilidad a trav\u00e9s de vectores relacionados con Server Options."}], "id": "CVE-2013-3808", "lastModified": "2022-08-26T17:23:43.107", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 4.0, "confidentialityImpact": "NONE", "integrityImpact": "NONE", "vectorString": "AV:N/AC:L/Au:S/C:N/I:N/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 2.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2013-07-17T13:41:16.913", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-08/msg00022.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2013-10/msg00001.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-08/msg00024.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-updates/2013-09/msg00008.html"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link"], "url": "http://osvdb.org/95330"}, {"source": "secalert_us@oracle.com", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/53372"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://security.gentoo.org/glsa/glsa-201308-06.xml"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/85717"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Analyzed", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2013:0772", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "mysql-0:5.1.69-1.el6_4", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2013-04-25T00:00:00Z"}], "bugzilla": {"description": "mysql: unspecified DoS related to Server Options (CPU July 2013)", "id": "985699", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=985699"}, "csaw": false, "cvss": {"cvss_base_score": "3.5", "cvss_scoring_vector": "AV:N/AC:M/Au:S/C:N/I:N/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.1.68 and earlier, 5.5.30 and earlier, and 5.6.10 allows remote authenticated users to affect availability via unknown vectors related to Server Options."], "name": "CVE-2013-3808", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Under investigation", "package_name": "mysql", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2013-07-17T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2013-3808\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-3808\nhttp://www.oracle.com/technetwork/topics/security/cpujuly2013-1899826.html#AppendixMSQL"], "statement": "This issue was addressed in the package mysql55-mysql as shipped with Red Hat Enterprise Linux 5 via RHEA-2013:1330. This issue was addressed in the package mysql as shipped with Red Hat Enterprise Linux 6 via RHSA-2013:0772.", "threat_severity": "Low", "upstream_fix": "mysql 5.6.11, mysql 5.5.31, mysql 5.1.69"}