Search for vulnerabilities
Vulnerability details: VCID-vjk6-9r8q-aaac
Vulnerability ID VCID-vjk6-9r8q-aaac
Aliases CVE-2016-2047
Summary CVE-2016-2047 mysql: ssl-validate-cert incorrect hostname check
Status Published
Exploitability 0.5
Weighted Severity 9.0
Risk 4.5
Affected and Fixed Packages Package Details
Weaknesses (2)
CWE-254 7PK - Security Features
CWE-295 Improper Certificate Validation
System Score Found at
generic_textual Medium http://marc.info/?l=oss-security&m=145379584107459&w=2
generic_textual Medium http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2047.html
rhas Moderate https://access.redhat.com/errata/RHSA-2016:0534
rhas Critical https://access.redhat.com/errata/RHSA-2016:0705
rhas Important https://access.redhat.com/errata/RHSA-2016:1480
rhas Moderate https://access.redhat.com/errata/RHSA-2016:1481
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00464 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.00562 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01139 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.01749 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
epss 0.03277 https://api.first.org/data/v1/epss?cve=CVE-2016-2047
rhbs medium https://bugzilla.redhat.com/show_bug.cgi?id=1301874
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0505
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0546
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0596
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0597
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0598
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0600
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0606
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0608
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0609
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0616
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0640
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0641
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0642
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0643
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0644
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0646
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0647
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0648
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0649
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0650
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0666
generic_textual Medium https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047
cvssv2 4.9 https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
generic_textual Medium https://github.com/MariaDB/server/commit/f0d774d48416bb06063184380b684380ca005a41
generic_textual Medium https://mariadb.atlassian.net/browse/MDEV-9212
cvssv2 4.3 https://nvd.nist.gov/vuln/detail/CVE-2016-2047
cvssv3 5.9 https://nvd.nist.gov/vuln/detail/CVE-2016-2047
generic_textual Medium https://ubuntu.com/security/notices/USN-2953-1
generic_textual Medium https://ubuntu.com/security/notices/USN-2954-1
cvssv3.1 9.8 http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
generic_textual CRITICAL http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
cvssv3.1 8.8 http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
generic_textual HIGH http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Reference id Reference type URL
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00035.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00053.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00033.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00051.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00053.html
http://marc.info/?l=oss-security&m=145379584107459&w=2
http://people.canonical.com/~ubuntu-security/cve/2016/CVE-2016-2047.html
http://rhn.redhat.com/errata/RHSA-2016-0534.html
http://rhn.redhat.com/errata/RHSA-2016-0705.html
http://rhn.redhat.com/errata/RHSA-2016-1480.html
http://rhn.redhat.com/errata/RHSA-2016-1481.html
https://access.redhat.com/errata/RHSA-2016:1132
https://access.redhat.com/hydra/rest/securitydata/cve/CVE-2016-2047.json
https://api.first.org/data/v1/epss?cve=CVE-2016-2047
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0505
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0546
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0596
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0597
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0598
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0600
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0606
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0608
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0609
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0616
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0640
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0641
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0642
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0643
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0644
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0646
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0647
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0648
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0649
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0650
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0666
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2047
https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
https://github.com/MariaDB/server/commit/f0d774d48416bb06063184380b684380ca005a41
https://mariadb.atlassian.net/browse/MDEV-9212
https://mariadb.com/kb/en/mariadb/mariadb-10110-release-notes/
https://mariadb.com/kb/en/mariadb/mariadb-5547-release-notes/
https://mariadb.com/kb/en/mdb-10023-rn/
https://ubuntu.com/security/notices/USN-2953-1
https://ubuntu.com/security/notices/USN-2954-1
http://www.debian.org/security/2016/dsa-3453
http://www.debian.org/security/2016/dsa-3557
http://www.openwall.com/lists/oss-security/2016/01/26/3
http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/81810
http://www.securitytracker.com/id/1035606
http://www.ubuntu.com/usn/USN-2953-1
http://www.ubuntu.com/usn/USN-2954-1
1301874 https://bugzilla.redhat.com/show_bug.cgi?id=1301874
cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:mariadb:mariadb:*:*:*:*:*:*:*:*
cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:a:oracle:mysql:*:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:oracle:linux:7:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:* https://nvd.nist.gov/vuln/search/results?adv_search=true&isCpeNameSearch=true&query=cpe:2.3:o:redhat:enterprise_linux:7.0:*:*:*:*:*:*:*
CVE-2016-2047 https://nvd.nist.gov/vuln/detail/CVE-2016-2047
RHSA-2016:0534 https://access.redhat.com/errata/RHSA-2016:0534
RHSA-2016:0705 https://access.redhat.com/errata/RHSA-2016:0705
RHSA-2016:1480 https://access.redhat.com/errata/RHSA-2016:1480
RHSA-2016:1481 https://access.redhat.com/errata/RHSA-2016:1481
USN-2953-1 https://usn.ubuntu.com/2953-1/
USN-2954-1 https://usn.ubuntu.com/2954-1/
No exploits are available.
Vector: AV:N/AC:M/Au:S/C:P/I:P/A:N Found at https://ftp.suse.com/pub/projects/security/yaml/suse-cvss-scores.yaml
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-2047
Exploitability (E) Access Vector (AV) Access Complexity (AC) Authentication (Au) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

high

functional

unproven

proof_of_concept

not_defined

local

adjacent_network

network

high

medium

low

multiple

single

none

none

partial

complete

none

partial

complete

none

partial

complete
Vector: CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N Found at https://nvd.nist.gov/vuln/detail/CVE-2016-2047
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/security-advisory/cpuapr2016v3-2985753.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H Found at http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Attack Vector (AV) Attack Complexity (AC) Privileges Required (PR) User Interaction (UI) Scope (S) Confidentiality Impact (C) Integrity Impact (I) Availability Impact (A)

network

adjacent_network

local

physical

low

high

none

low

high

none

required

unchanged

changed

high

low

none

high

low

none

high

low

none
Exploit Prediction Scoring System (EPSS)
Percentile 0.75944
EPSS Score 0.00464
Published At Nov. 1, 2024, midnight
Date Actor Action Source VulnerableCode Version
There are no relevant records.