{
  "threat_severity" : "Moderate",
  "public_date" : "2013-04-16T00:00:00Z",
  "bugzilla" : {
    "description" : "mysql: unspecified vulnerability related to Information Schema (CPU April 2013)",
    "id" : "952862",
    "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=952862"
  },
  "cvss" : {
    "cvss_base_score" : "6.0",
    "cvss_scoring_vector" : "AV:N/AC:M/Au:S/C:P/I:P/A:P",
    "status" : "verified"
  },
  "details" : [ "Unspecified vulnerability in Oracle MySQL 5.1.67 and earlier, 5.5.29 and earlier, and 5.6.10 and earlier allows remote authenticated users to affect confidentiality, integrity, and availability via unknown vectors related to Information Schema." ],
  "statement" : "On Red Hat Enterprise Linux 5.10, new MySQL 5.5 packages are available which are not vulnerable to this issue.  Future updates for MySQL 5.0 will no longer be made available (mysql-5.0.* and related packages); security advisories will be provided only for MySQL 5.5.  Please refer to https://rhn.redhat.com/errata/RHEA-2013-1330.html for further information.",
  "affected_release" : [ {
    "product_name" : "Red Hat Enterprise Linux 6",
    "release_date" : "2013-04-25T00:00:00Z",
    "advisory" : "RHSA-2013:0772",
    "cpe" : "cpe:/o:redhat:enterprise_linux:6",
    "package" : "mysql-0:5.1.69-1.el6_4"
  } ],
  "package_state" : [ {
    "product_name" : "Red Hat Enterprise Linux 5",
    "fix_state" : "Under investigation",
    "package_name" : "mysql",
    "cpe" : "cpe:/o:redhat:enterprise_linux:5"
  } ],
  "references" : [ "https://www.cve.org/CVERecord?id=CVE-2013-2378\nhttps://nvd.nist.gov/vuln/detail/CVE-2013-2378\nhttp://www.oracle.com/technetwork/topics/security/cpuapr2013-1899555.html#AppendixMSQL" ],
  "name" : "CVE-2013-2378",
  "csaw" : false
}