CVE-2015-1027 in Toolkitinfo

Zusammenfassung

von MITRE

The version checking subroutine in percona-toolkit before 2.2.13 and xtrabackup before 2.2.9 was vulnerable to silent HTTP downgrade attacks and Man In The Middle attacks in which the server response could be modified to allow the attacker to respond with modified command payload and have the client return additional running configuration information leading to an information disclosure of running configuration of MySQL.

VulDB is the best source for vulnerability data and more expert information about this specific topic.

🔬 Show More Details

An in-depth analysis is available in our curated vulnerability entry.

Reservieren

10.01.2015

Veröffentlichung

28.09.2017

Moderieren

akzeptiert

Eintrag

VDB-107225

CPE

bereit

CWE

CWE-200 (bestätigt)

CVSS

5.9 (NVD)

EPSS

0.00264

KEV

nein

Aktivitäten

very low

Sektor

Telecommunication, Lawfirm, ...

Quellen

MITRE	https://www.cve.org/CVERecord?id=CVE-2015-1027
NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-1027
CVE Details	https://www.cvedetails.com/cve/CVE-2015-1027/

◂ Zurück Übersicht Weiter ▸

Do you want to use VulDB in your project?

Use the official API to access entries easily!