1386897 – (CVE-2016-5598) CVE-2016-5598 mysql-connector-python: Unspecified vulnerability in subcomponent: Connector/Python

Bug 1386897 (CVE-2016-5598) - CVE-2016-5598 mysql-connector-python: Unspecified vulnerability in subcomponent: Connector/Python

Summary: CVE-2016-5598 mysql-connector-python: Unspecified vulnerability in subcompone...

Keywords:
Status:	CLOSED NOTABUG
Alias:	CVE-2016-5598
Product:	Security Response
Classification:	Other
Component:	vulnerability
Sub Component:
Version:	unspecified
Hardware:	All
OS:	Linux
Priority:	medium
Severity:	medium
Target Milestone:	---
Assignee:	Red Hat Product Security
QA Contact:
Docs Contact:
URL:
Whiteboard:
Depends On:	1386899 1386900
Blocks:
TreeView+	depends on / blocked

Reported:	2016-10-19 18:59 UTC by Adam Mariš
Modified:	2021-02-17 03:08 UTC (History)
CC List:	3 users (show)
Fixed In Version:
Clone Of:
Environment:
Last Closed:	2016-10-19 19:00:53 UTC
Embargoed:

Attachments	(Terms of Use)

Description Adam Mariš 2016-10-19 18:59:23 UTC

Vulnerability in the MySQL Connector component of Oracle MySQL (subcomponent: Connector/Python). Supported versions that are affected are 2.1.3 and earlier and 2.0.4 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Connector. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Connector accessible data as well as unauthorized read access to a subset of MySQL Connector accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Connector.

External References:

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881724.html#AppendixMSQL

Comment 1 Adam Mariš 2016-10-19 19:00:20 UTC

Created mysql-connector-python tracking bugs for this issue:

Affects: fedora-all [bug 1386899]
Affects: epel-all [bug 1386900]

Note You need to log in before you can comment on or make changes to this bug.