Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2012-5627

Опубликовано: 01 окт. 2013
Источник: nvd
CVSS2: 4
EPSS Низкий

Описание

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

Ссылки

Уязвимые конфигурации

Конфигурация 1
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.29 (исключая)
Конфигурация 2

Одно из

cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.2.0 (включая) до 5.2.14 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.3.0 (включая) до 5.3.12 (исключая)
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
Версия от 5.5.0 (включая) до 5.5.29 (исключая)
cpe:2.3:a:mariadb:mariadb:10.0.0:*:*:*:*:*:*:*

EPSS

Процентиль: 88%
0.04131
Низкий

4 Medium

CVSS2

Дефекты

CWE-522

Связанные уязвимости

ubuntu логотип

CVE-2012-5627

ubuntu
около 12 лет назад

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

redhat логотип

CVE-2012-5627

redhat
почти 13 лет назад

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

msrc логотип

CVE-2012-5627

msrc
около 5 лет назад

Oracle MySQL and MariaDB 5.5.x before 5.5.29 5.3.x before 5.3.12 and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

debian логотип

CVE-2012-5627

debian
около 12 лет назад

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and ...

github логотип

GHSA-46h7-m4g6-26pp

github
больше 3 лет назад

Oracle MySQL and MariaDB 5.5.x before 5.5.29, 5.3.x before 5.3.12, and 5.2.x before 5.2.14 does not modify the salt during multiple executions of the change_user command within the same connection which makes it easier for remote authenticated users to conduct brute force password guessing attacks.

EPSS

Процентиль: 88%
0.04131
Низкий

4 Medium

CVSS2

Дефекты

CWE-522