- Description
- MySQL Manager in Apple Mac OS X 10.3.9 and 10.4.6, when setting up a new MySQL database server, does not use the "New MySQL root password" that is provided, which causes the MySQL root password to be blank and allows local users to gain full privileges to that database.
- Source
- cve@mitre.org
- NVD status
- Modified
CVSS 2.0
- Type
- Primary
- Base score
- 7.2
- Impact score
- 10
- Exploitability score
- 3.9
- Vector string
- AV:L/AC:L/Au:N/C:C/I:C/A:C
- Hype score
- Not currently trending
- Comment
- -
- Impact
- -
- Solution
- -
[
{
"nodes": [
{
"negate": false,
"cpeMatch": [
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.3.9:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "DC6931D5-DE7E-41F6-ADDC-AB5A8A167F69"
},
{
"criteria": "cpe:2.3:o:apple:mac_os_x:10.4.6:*:*:*:*:*:*:*",
"vulnerable": true,
"matchCriteriaId": "BB0F2132-8431-4CEF-9A3D-A69425E3834E"
}
],
"operator": "OR"
}
]
}
]