CVE-2016-6664

Published Dec 13, 2016

Last updated 2 years ago

CVSS high 7.0

Overview

Description: mysqld_safe in Oracle MySQL through 5.5.51, 5.6.x through 5.6.32, and 5.7.x through 5.7.14; MariaDB; Percona Server before 5.5.51-38.2, 5.6.x before 5.6.32-78-1, and 5.7.x before 5.7.14-8; and Percona XtraDB Cluster before 5.5.41-37.0, 5.6.x before 5.6.32-25.17, and 5.7.x before 5.7.14-26.17, when using file-based logging, allows local users with access to the mysql account to gain root privileges via a symlink attack on error logs and possibly other files.
Source: cve@mitre.org
NVD status: Analyzed

Risk scores

CVSS 3.1

Type: Primary
Base score: 7
Impact score: 5.9
Exploitability score: 1
Vector string: CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H
Severity: HIGH

CVSS 2.0

Type: Primary
Base score: 6.9
Impact score: 10
Exploitability score: 3.4
Vector string: AV:L/AC:M/Au:N/C:C/I:C/A:C

Weaknesses

nvd@nist.gov: CWE-59

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C9AF2DBB-5492-472D-8452-2DEE5A7F7705",
            "versionEndIncluding": "5.5.51",
            "versionStartIncluding": "5.5.0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "C2054FC8-0A91-4F90-AD0A-DB0434F6FB93",
            "versionEndIncluding": "5.6.32",
            "versionStartIncluding": "5.6.0"
          },
          {
            "criteria": "cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "19F0E49E-EB60-4C6C-860B-BB2F277D8F4C",
            "versionEndIncluding": "5.7.14",
            "versionStartIncluding": "5.7.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "7425B1AD-88EE-4E62-8F91-F3FE413F0F4E",
            "versionEndExcluding": "5.5.54",
            "versionStartIncluding": "5.5.0"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "5750A91A-1784-4DE9-B72C-61A3B48B0892",
            "versionEndExcluding": "10.0.29",
            "versionStartIncluding": "10.0.0"
          },
          {
            "criteria": "cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "70247F46-D133-4E30-AE2F-8974DEFDA1AA",
            "versionEndExcluding": "10.1.21",
            "versionStartIncluding": "10.1.0"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "60C8B060-E593-4D21-AB7D-DD5C287B315A",
            "versionEndExcluding": "5.5.51-38.2",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "93C4414B-CF0F-483D-AC22-8CA91ADDD822",
            "versionEndExcluding": "5.6.32-78.1",
            "versionStartIncluding": "5.6"
          },
          {
            "criteria": "cpe:2.3:a:percona:percona_server:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "28204957-5E37-4E3A-B2BC-A01A9DD784C0",
            "versionEndExcluding": "5.7.14-8",
            "versionStartIncluding": "5.7"
          }
        ],
        "operator": "OR"
      }
    ]
  },
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:percona:xtradb_cluster:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "84A27E79-2719-430A-8F24-1E39E59149A9",
            "versionEndExcluding": "5.5.41-37.0",
            "versionStartIncluding": "5.5"
          },
          {
            "criteria": "cpe:2.3:a:percona:xtradb_cluster:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "61EA03ED-0F66-4C3F-967B-8B6288DB3F46",
            "versionEndExcluding": "5.6.32-25.17",
            "versionStartIncluding": "5.6"
          },
          {
            "criteria": "cpe:2.3:a:percona:xtradb_cluster:*:*:*:*:*:*:*:*",
            "vulnerable": true,
            "matchCriteriaId": "F746563B-6F42-4539-8036-D740651AF959",
            "versionEndExcluding": "5.7.14-26.17",
            "versionStartIncluding": "5.7"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 3.1

CVSS 2.0

Weaknesses

Social media

Configurations

References