{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2014-07-15T00:00:00", "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-10-09T18:57:01", "orgId": "43595867-4340-4103-b7a2-9a5208d29a85", "shortName": "oracle"}, "references": [{"tags": ["x_refsource_CONFIRM"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "68564", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/68564"}, {"name": "oracle-cpujul2014-cve20144258(94620)", "tags": ["vdb-entry", "x_refsource_XF"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94620"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "1030578", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1030578"}, {"name": "SUSE-SU-2014:1072", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"}, {"name": "SUSE-SU-2015:0743", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"}, {"name": "DSA-2985", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2014/dsa-2985"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"name": "60425", "tags": ["third-party-advisory", "x_refsource_SECUNIA"], "url": "http://secunia.com/advisories/60425"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}], "x_legacyV4Record": {"CVE_data_meta": {"ASSIGNER": "secalert_us@oracle.com", "ID": "CVE-2014-4258", "STATE": "PUBLIC"}, "affects": {"vendor": {"vendor_data": [{"product": {"product_data": [{"product_name": "n/a", "version": {"version_data": [{"version_value": "n/a"}]}}]}, "vendor_name": "n/a"}]}}, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": {"description_data": [{"lang": "eng", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC."}]}, "problemtype": {"problemtype_data": [{"description": [{"lang": "eng", "value": "n/a"}]}]}, "references": {"reference_data": [{"name": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html", "refsource": "CONFIRM", "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "68564", "refsource": "BID", "url": "http://www.securityfocus.com/bid/68564"}, {"name": "oracle-cpujul2014-cve20144258(94620)", "refsource": "XF", "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94620"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "1030578", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1030578"}, {"name": "SUSE-SU-2014:1072", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"}, {"name": "SUSE-SU-2015:0743", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"}, {"name": "DSA-2985", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2014/dsa-2985"}, {"name": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "refsource": "FULLDISC", "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"name": "60425", "refsource": "SECUNIA", "url": "http://secunia.com/advisories/60425"}, {"name": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}]}}}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T11:12:34.761Z"}, "title": "CVE Program Container", "references": [{"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"name": "68564", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/68564"}, {"name": "oracle-cpujul2014-cve20144258(94620)", "tags": ["vdb-entry", "x_refsource_XF", "x_transferred"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94620"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_BUGTRAQ", "x_transferred"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"name": "1030578", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1030578"}, {"name": "SUSE-SU-2014:1072", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"}, {"name": "SUSE-SU-2015:0743", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"}, {"name": "DSA-2985", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2014/dsa-2985"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"name": "20141205 NEW: VMSA-2014-0012 - VMware vSphere product updates address security vulnerabilities", "tags": ["mailing-list", "x_refsource_FULLDISC", "x_transferred"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"name": "60425", "tags": ["third-party-advisory", "x_refsource_SECUNIA", "x_transferred"], "url": "http://secunia.com/advisories/60425"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}]}]}, "cveMetadata": {"assignerOrgId": "43595867-4340-4103-b7a2-9a5208d29a85", "assignerShortName": "oracle", "cveId": "CVE-2014-4258", "datePublished": "2014-07-17T10:00:00", "dateReserved": "2014-06-17T00:00:00", "dateUpdated": "2024-08-06T11:12:34.761Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "336AF3D4-E99E-4CF4-AEF8-7DB7548C74EF", "versionEndIncluding": "5.5.37", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*", "matchCriteriaId": "D63D31FB-294F-4919-BB8E-5CA7A973C029", "versionEndIncluding": "5.6.17", "versionStartIncluding": "5.6.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:*:*:*:*:*:*:*", "matchCriteriaId": "35D34345-0AD1-499C-9A74-982B2D3F305A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_1:*:*:*:*:*:*", "matchCriteriaId": "3DF3F07E-6F4E-4B97-B313-7DA3E8A88451", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.0:update_2:*:*:*:*:*:*", "matchCriteriaId": "5C98B0EA-7A52-4BDF-90C2-38797FC2B75A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:*:*:*:*:*:*:*", "matchCriteriaId": "FECF06B5-3915-48F0-A140-41C7A27EE99D", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_1:*:*:*:*:*:*", "matchCriteriaId": "BBD8B161-0A07-492F-89E4-7A0BD02F6464", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.1:update_2:*:*:*:*:*:*", "matchCriteriaId": "F3E8E0E1-FF63-425D-8C22-86B16CFB7B1A", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:*:*:*:*:*:*:*", "matchCriteriaId": "DCD65CE9-432D-43E5-B2BC-C3FCEBAA6F70", "vulnerable": true}, {"criteria": "cpe:2.3:a:vmware:vcenter_server_appliance:5.5:update_1:*:*:*:*:*:*", "matchCriteriaId": "DB2E2AAD-E221-4227-A41B-DC01BFDFCD6C", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*", "matchCriteriaId": "79A602C5-61FE-47BA-9786-F045B6C6DBA8", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "99258893-3460-4476-9D7B-87A105929E4E", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "7B38803C-0B52-485E-8F5E-4BEFA606E21E", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse_project:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "462A90ED-B4E1-42E5-ABEF-68E3972526DF", "vulnerable": true}, {"criteria": "cpe:2.3:o:opensuse_project:suse_linux_enterprise_software_development_kit:11.0:sp3:*:*:*:*:*:*", "matchCriteriaId": "26627EDD-A852-400E-8524-E42B0177D3DC", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*", "matchCriteriaId": "16F59A04-14CF-49E2-9973-645477EA09DA", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "31B5BEDD-9736-44DF-8702-D822F4010159", "versionEndExcluding": "5.5.38", "versionStartIncluding": "5.5.0", "vulnerable": true}, {"criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*", "matchCriteriaId": "DF28BC03-4A7D-42F2-B8DD-D9797D117781", "versionEndExcluding": "10.0.12", "versionStartIncluding": "10.0.0", "vulnerable": true}], "negate": false, "operator": "OR"}]}, {"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "3ED68ADD-BBDA-4485-BC76-58F011D72311", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_desktop:12:-:*:*:*:*:*:*", "matchCriteriaId": "D2DF4815-B8CB-4AD3-B91D-2E09A8E318E9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:-:*:*", "matchCriteriaId": "E534C201-BCC5-473C-AAA7-AAB97CEB5437", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:*:vmware:*:*", "matchCriteriaId": "2470C6E8-2024-4CF5-9982-CFF50E88EAE9", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_server:12:-:*:*:*:*:*:*", "matchCriteriaId": "15FC9014-BD85-4382-9D04-C0703E901D7A", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:11:sp3:*:*:*:*:*:*", "matchCriteriaId": "2F7F8866-DEAD-44D1-AB10-21EE611AA026", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_software_development_kit:12:-:*:*:*:*:*:*", "matchCriteriaId": "1831D45A-EE6E-4220-8F8C-248B69520948", "vulnerable": true}, {"criteria": "cpe:2.3:o:suse:linux_enterprise_workstation_extension:12:*:*:*:*:*:*:*", "matchCriteriaId": "9DFA18B6-2642-470A-A350-68947529EE5D", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "descriptions": [{"lang": "en", "value": "Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC."}, {"lang": "es", "value": "Vulnerabilidad no especificada en el componente MySQL Server en Oracle MySQL 5.5.37 y anteriores y 5.6.17 y anteriores permite a usuarios remotos autenticados afectar la confidencialidad, integridad y disponibilidad a trav\u00e9s de vectores relacionados con SRINFOSC."}], "id": "CVE-2014-4258", "lastModified": "2024-11-21T02:09:50.403", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "LOW", "accessVector": "NETWORK", "authentication": "SINGLE", "availabilityImpact": "PARTIAL", "baseScore": 6.5, "confidentialityImpact": "PARTIAL", "integrityImpact": "PARTIAL", "vectorString": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 8.0, "impactScore": 6.4, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2014-07-17T11:17:10.747", "references": [{"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"}, {"source": "secalert_us@oracle.com", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"source": "secalert_us@oracle.com", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/60425"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2985"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}, {"source": "secalert_us@oracle.com", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/68564"}, {"source": "secalert_us@oracle.com", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1030578"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"source": "secalert_us@oracle.com", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94620"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2014-08/msg00012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Mailing List", "Third Party Advisory"], "url": "http://seclists.org/fulldisclosure/2014/Dec/23"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Not Applicable"], "url": "http://secunia.com/advisories/60425"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.debian.org/security/2014/dsa-2985"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Vendor Advisory"], "url": "http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/archive/1/534161/100/0/threaded"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "http://www.securityfocus.com/bid/68564"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Broken Link", "Third Party Advisory", "VDB Entry"], "url": "http://www.securitytracker.com/id/1030578"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory"], "url": "http://www.vmware.com/security/advisories/VMSA-2014-0012.html"}, {"source": "af854a3a-2127-422b-91ae-364da2661108", "tags": ["Third Party Advisory", "VDB Entry"], "url": "https://exchange.xforce.ibmcloud.com/vulnerabilities/94620"}], "sourceIdentifier": "secalert_us@oracle.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "NVD-CWE-noinfo"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"affected_release": [{"advisory": "RHSA-2014:1859", "cpe": "cpe:/o:redhat:enterprise_linux:5", "package": "mysql55-mysql-0:5.5.40-2.el5", "product_name": "Red Hat Enterprise Linux 5", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1861", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "mariadb-1:5.5.40-1.el7_0", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1937", "cpe": "cpe:/a:redhat:openstack:5::el6", "package": "mariadb-galera-0:5.5.40-2.el6ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 6", "release_date": "2014-12-02T00:00:00Z"}, {"advisory": "RHSA-2014:1940", "cpe": "cpe:/a:redhat:openstack:5::el7", "package": "mariadb-galera-1:5.5.40-2.el7ost", "product_name": "Red Hat Enterprise Linux OpenStack Platform 5.0 (Icehouse) for RHEL 7", "release_date": "2014-12-02T00:00:00Z"}, {"advisory": "RHSA-2014:1860", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mysql55-mysql-0:5.5.40-1.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1862", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mariadb55-mariadb-0:5.5.40-10.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1860", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mysql55-mysql-0:5.5.40-1.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1862", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mariadb55-mariadb-0:5.5.40-10.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.4 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1860", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mysql55-mysql-0:5.5.40-1.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1862", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mariadb55-mariadb-0:5.5.40-10.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.5 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1860", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mysql55-mysql-0:5.5.40-1.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1862", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el6", "package": "mariadb55-mariadb-0:5.5.40-10.el6", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 6.6 EUS", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1860", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el7", "package": "mysql55-mysql-0:5.5.40-1.el7", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7", "release_date": "2014-11-17T00:00:00Z"}, {"advisory": "RHSA-2014:1862", "cpe": "cpe:/a:redhat:rhel_software_collections:1::el7", "package": "mariadb55-mariadb-0:5.5.40-10.el7", "product_name": "Red Hat Software Collections 1 for Red Hat Enterprise Linux 7", "release_date": "2014-11-17T00:00:00Z"}], "bugzilla": {"description": "mysql: unspecified vulnerability related to SRINFOSC (CPU July 2014)", "id": "1120387", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1120387"}, "csaw": false, "cvss": {"cvss_base_score": "6.5", "cvss_scoring_vector": "AV:N/AC:L/Au:S/C:P/I:P/A:P", "status": "verified"}, "details": ["Unspecified vulnerability in the MySQL Server component in Oracle MySQL 5.5.37 and earlier and 5.6.17 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via vectors related to SRINFOSC."], "name": "CVE-2014-4258", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:6", "fix_state": "Under investigation", "package_name": "mysql", "product_name": "Red Hat Enterprise Linux 6"}], "public_date": "2014-04-15T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2014-4258\nhttps://nvd.nist.gov/vuln/detail/CVE-2014-4258\nhttp://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html#AppendixMSQL"], "threat_severity": "Moderate"}