Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2012-2122Improper Authentication in Mariadb

CWE-287Improper AuthenticationCWE-704Incorrect Type Conversion or CastCWE-393Return of Wrong Status CodeCWE-305Authentication Bypass by Primary Weakness10 documents8 sources
Severity
5.1MEDIUMNVD
EPSS
93.9%
top 0.12%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
2
MariadbOracle Mysql
Timeline
PublishedJun 26
Latest updateOct 29

Description

sql/password.c in Oracle MySQL 5.1.x before 5.1.63, 5.5.x before 5.5.24, and 5.6.x before 5.6.6, and MariaDB 5.1.x before 5.1.62, 5.2.x before 5.2.12, 5.3.x before 5.3.6, and 5.5.x before 5.5.23, when running in certain environments with certain implementations of the memcmp function, allows remote attackers to bypass authentication by repeatedly authenticating with the same incorrect password, which eventually causes a token comparison to succeed due to an improperly-checked return value.

CVSS vector

AV:N/AC:H/C:P/I:P/A:PExploitability: 4.9 | Impact: 6.4

Affected Packages2 packages

NVDoracle/mysql27 versions+26
NVDmariadb/mariadb33 versions+32

Patches

Patch: seclists.orgPatch: seclists.org

🔴Vulnerability Details

1
GHSA
GHSA-4qx9-mwf7-7cx8: sql/password2022-05-17

💥Exploits & PoCs

2
Exploit-DB
MySQL - Authentication Bypass2012-06-12
Nuclei
MySQL - Authentication Bypass

📋Vendor Advisories

2
Ubuntu
MySQL vulnerabilities2012-06-11
Red Hat
mysql: incorrect type cast in check_scramble() leading to authentication bypass2012-06-09

📄Research Papers

1
arXiv
AgentCyTE: Leveraging Agentic AI to Generate Cybersecurity Training & Experimentation Scenarios2025-10-29

💬Community

3
Bugzilla
mysql: Oracle CPU July 20122012-06-15
Bugzilla
CVE-2012-2122 mysql: incorrect type case in check_scramble() leading to authentication bypass [fedora-all]2012-06-11
Bugzilla
CVE-2012-2122 mysql: incorrect type cast in check_scramble() leading to authentication bypass2012-04-20