Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-7224

Опубликовано: 21 дек. 2017
Источник: ubuntu
Приоритет: medium
CVSS2: 7.5
CVSS3: 9.8

Описание

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

РелизСтатусПримечание
devel

not-affected

3.x only
esm-infra-legacy/trusty

DNE

trusty/esm was DNE [trusty was not-affected [3.x only]]
precise

DNE

trusty

not-affected

3.x only
trusty/esm

DNE

trusty was not-affected [3.x only]
upstream

released

3.6.1-1
vivid

not-affected

3.x only

Показывать по

Ссылки на источники

7.5 High

CVSS2

9.8 Critical

CVSS3

Связанные уязвимости

nvd логотип

CVE-2015-7224

CVSS3: 9.8
nvd
около 8 лет назад

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

debian логотип

CVE-2015-7224

CVSS3: 9.8
debian
около 8 лет назад

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass ...

github логотип

GHSA-cg6c-24mc-jmx8

CVSS3: 9.8
github
больше 3 лет назад

puppetlabs-mysql 3.1.0 through 3.6.0 allow remote attackers to bypass authentication by leveraging creation of a database account without a password when a 'mysql_user' user parameter contains a host with a netmask.

7.5 High

CVSS2

9.8 Critical

CVSS3