CVE-2016-3452
3.7
LOW
CVSS 3.1
EPSS 2.5%
Description
Unspecified vulnerability in Oracle MySQL 5.5.48 and earlier, 5.6.29 and earlier, and 5.7.10 and earlier and MariaDB before 5.5.49, 10.0.x before 10.0.25, and 10.1.x before 10.1.14 allows remote attackers to affect confidentiality via vectors related to Server: Security: Encryption.
How to fix CVE-2016-3452
To remediate CVE-2016-3452, upgrade the affected package to a fixed version below.
- Alpine/mariadb—upgrade to 5.5.51-r0 or later
Is CVE-2016-3452 being exploited?
Low — EPSS is 2.5%, meaning exploitation activity has not been observed at scale.
Affected packages (1)
- from 0, < 5.5.51-r0
CVSS scores
| Source | Version | Severity | Vector |
|---|---|---|---|
| osv | CVSS 3.1 | LOW3.7 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N |