Mysql Cluster
CVE-2016-5541
MEDIUM
Severity by source
AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Primary rating from NVD · only source for this CVE.
CVSS VectorNVD
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L
Lifecycle Timeline
1DescriptionCVE.org
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS v3.0 Base Score 4.8 (Integrity and Availability impacts).
AnalysisAI
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Rated medium severity (CVSS 4.8), this vulnerability is remotely exploitable, no authentication required.
Technical ContextAI
Vulnerability in the MySQL Cluster component of Oracle MySQL (subcomponent: Cluster: NDBAPI). Supported versions that are affected are 7.2.26 and earlier, 7.3.14 and earlier and 7.4.12 and earlier. Difficult to exploit vulnerability allows unauthenticated attacker with network access via multiple protocols to compromise MySQL Cluster. Successful attacks of this vulnerability can result in unauthorized update, insert or delete access to some of MySQL Cluster accessible data and unauthorized ability to cause a partial denial of service (partial DOS) of MySQL Cluster. CVSS v3.0 Base Score 4.8 (Integrity and Availability impacts). Affected products include: Oracle Mysql Cluster.
RemediationAI
A vendor patch is available. Apply the latest security update as soon as possible. Apply vendor patches when available. Implement network segmentation and monitoring as interim mitigations.
More in Mysql Cluster
View allNode.js before 16.6.0, 14.17.4, and 12.22.4 is vulnerable to Remote Code Execution, XSS, Application crashes due to miss
napi_get_value_string_*() allows various kinds of memory corruption in node < 10.21.0, 12.18.0, and < 14.4.0. Rated high
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to DNS rebinding attacks as the whitelist includes “
TLS session reuse can lead to host certificate verification bypass in node version < 12.18.0 and < 14.4.0. Rated high se
A vulnerability was found in Hibernate-Validator. Rated medium severity (CVSS 6.1), this vulnerability is remotely explo
If the Node.js https API was used incorrectly and "undefined" was in passed for the "rejectUnauthorized" parameter, no e
Due to the formatting logic of the "console.table()" function it was not safe to allow user controlled input to be passe
Remote unauthenticated denial-of-service in Oracle MySQL Server and MySQL Cluster (8.0.x, 8.4.x, and 9.0.0-9.7.0) allows
Node.js before 10.24.0, 12.21.0, 14.16.0, and 15.10.0 is vulnerable to a denial of service attack when too many connecti
A Node.js application that allows an attacker to trigger a DNS request for a host of their choice could trigger a Denial
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5),
Vulnerability in the MySQL Server product of Oracle MySQL (component: Server: Parser). Rated medium severity (CVSS 6.5),
Same technique Denial Of Service
View allShare
External POC / Exploit Code
Leaving vuln.today