Search for vulnerabilities
Vulnerability details: VCID-4zxz-4nxm-aaap
Vulnerability ID VCID-4zxz-4nxm-aaap
Aliases CVE-2012-5615
Summary CVE-2012-5615 mysql: Remote Preauth User Enumeration flaw
Status Published
Exploitability 2.0
Weighted Severity 8.0
Risk 10.0
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-200 Exposure of Sensitive Information to an Unauthorized Actor
CWE-209 Generation of Error Message Containing Sensitive Information
System Score Found at
generic_textual Low http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-5615.html
rhas Important https://access.redhat.com/errata/RHSA-2014:1859
rhas Important https://access.redhat.com/errata/RHSA-2014:1860
rhas Important https://access.redhat.com/errata/RHSA-2014:1861
rhas Important https://access.redhat.com/errata/RHSA-2014:1862
rhas Important https://access.redhat.com/errata/RHSA-2014:1937
rhas Important https://access.redhat.com/errata/RHSA-2014:1940
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.05751 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.19215 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.20868 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.20868 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
epss 0.38552 https://api.first.org/data/v1/epss?cve=CVE-2012-5615
rhbs low https://bugzilla.redhat.com/show_bug.cgi?id=882608
generic_textual Low https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
generic_textual Low http://seclists.org/fulldisclosure/2012/Dec/9
cvssv2 5.0 https://nvd.nist.gov/vuln/detail/CVE-2012-5615
generic_textual Low https://ubuntu.com/security/notices/USN-2384-1
generic_textual Low http://www.openwall.com/lists/oss-security/2012/12/02/3
generic_textual Low http://www.openwall.com/lists/oss-security/2012/12/02/4
cvssv3.1 7.5 http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
generic_textual MODERATE http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2013-02/msg00000.html
http://lists.opensuse.org/opensuse-security-announce/2015-04/msg00016.html
http://people.canonical.com/~ubuntu-security/cve/2012/CVE-2012-5615.html
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2012-5615.json
https://api.first.org/data/v1/epss?cve=CVE-2012-5615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2012-5615
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4274
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-4287
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6463
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6464
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6469
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6478
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6484
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6491
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6494
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6495
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6496
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6500
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6507
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6520
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6530
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6551
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6555
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-6559
http://seclists.org/fulldisclosure/2012/Dec/9
http://secunia.com/advisories/53372
http://security.gentoo.org/glsa/glsa-201308-06.xml
https://mariadb.atlassian.net/browse/MDEV-3909
https://ubuntu.com/security/notices/USN-2384-1
http://www.mandriva.com/security/advisories?name=MDVSA-2013:102
http://www.openwall.com/lists/oss-security/2012/12/02/3
http://www.openwall.com/lists/oss-security/2012/12/02/4
http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
http://www.oracle.com/technetwork/topics/security/cpuoct2014-1972960.html
882608 https://bugzilla.redhat.com/show_bug.cgi?id=882608
cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:5.1.66:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:5.2.13:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:5.3.11:*:*:*:*:*:*:*
cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:5.5.28a:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:5.5.19:*:*:*:*:*:*:*
CVE-2012-5615 https://nvd.nist.gov/vuln/detail/CVE-2012-5615
CVE-2012-5615;OSVDB-88067 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/multiple/remote/23081.pl
CVE-2012-5615;OSVDB-88067 Exploit https://gitlab.com/exploit-database/exploitdb/-/blob/main/exploits/windows/remote/23073.txt
GLSA-201308-06 https://security.gentoo.org/glsa/201308-06
RHSA-2014:1859 https://access.redhat.com/errata/RHSA-2014:1859
RHSA-2014:1860 https://access.redhat.com/errata/RHSA-2014:1860
RHSA-2014:1861 https://access.redhat.com/errata/RHSA-2014:1861
RHSA-2014:1862 https://access.redhat.com/errata/RHSA-2014:1862
RHSA-2014:1937 https://access.redhat.com/errata/RHSA-2014:1937
RHSA-2014:1940 https://access.redhat.com/errata/RHSA-2014:1940
USN-2384-1 https://usn.ubuntu.com/2384-1/
Data source Exploit-DB
Date added Dec. 2, 2012
Description MySQL 5.1/5.5 (Windows) - 'MySQLJackpot' Remote Command Execution
Ransomware campaign use Known
Source publication date Dec. 2, 2012
Exploit type remote
Platform windows
Source update date Dec. 4, 2016
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2012-5615
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H Found at http://www.oracle.com/technetwork/topics/security/bulletinoct2015-2511968.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.93554
EPSS Score 0.05751
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.