CVE-2015-3152 — Improper Certificate Validation in Mariadb

CWE-295 — Improper Certificate Validation CWE-284 — Improper Access Control CWE-300 — Channel Accessible by Non-Endpoint22 documents7 sources

Severity

5.9MEDIUMNVD

EPSS

51.7%

top 2.10%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

Mariadb PHP Php5 +11 more

Timeline

PublishedMay 16

Latest updateMay 17

Description

Oracle MySQL before 5.7.3, Oracle MySQL Connector/C (aka libmysqlclient) before 6.1.3, and MariaDB before 5.5.44 use the --ssl option to mean that SSL is optional, which allows man-in-the-middle attackers to spoof servers via a cleartext-downgrade attack, aka a "BACKRONYM" attack.

CVSS vector

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:NExploitability: 2.2 | Impact: 3.6

Affected Packages9 packages

▶NVDoracle/mysql_connector_c6.1.2

▶NVDoracle/mysql5.7.2

▶NVDdbd-mysql_project/dbd-mysql4.043

▶NVDmariadb/mariadb5.5.0 — 5.5.44+1

▶NVDphp/php5.4.0 — 5.4.43+41

Also affects: Debian Linux 8.0, Fedora 21, 22, Enterprise Linux 7.1, 7.2, 7.3, 7.4, 7.5, 7.6, 7.7

Patches

Patch: github.com ↗Patch: github.com ↗

🔴Vulnerability Details

GHSA

GHSA-gqmm-72rw-vrp2: ext/mysqlnd/mysqlnd↗2022-05-17

▶

GHSA

GHSA-p7qr-v5jx-7qv3: Oracle MySQL before 5↗2022-05-14

▶

GHSA

GHSA-4384-9v4p-2vmf: The DBD::mysql module through 4↗2022-05-13

▶

CVEList

CVE-2017-10789: The DBD::mysql module through 4↗2017-07-01

▶

OSV

CVE-2017-10789: The DBD::mysql module through 4↗2017-07-01

▶

📋Vendor Advisories

Red Hat

perl-DBD-MySQL: Possible MITM attack when mysql_ssl=1↗2017-07-01

▶

Debian

CVE-2017-10789: libdbd-mysql-perl - The DBD::mysql module through 4.043 for Perl uses the mysql_ssl=1 setting to mea...↗2017

▶

Red Hat

php: mysqlnd interface vulnerable to BACKRONYM↗2015-05-20

▶

Red Hat

mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)↗2015-04-29

▶

💬Community

Bugzilla

CVE-2018-2767 mysql: use of SSL/TLS not enforced in libmysqld (Return of BACKRONYM)↗2018-04-09

▶

Bugzilla

CVE-2017-10789 perl-DBD-MySQL: Possible MITM attack when mysql_ssl=1↗2017-07-04

▶

Bugzilla

CVE-2017-3305 mysql: incorrect enforcement of ssl-mode=REQUIRED in MySQL 5.5 and 5.6↗2017-03-13

▶

Bugzilla

CVE-2015-3152 mysql: use of SSL/TLS can not be enforced in mysql client library (oCERT-2015-003, BACKRONYM)↗2015-04-30

▶

Bugzilla

CVE-2015-3152 community-mysql: mysql: SSL/TLS downgrade (oCERT-2015-003) [fedora-all]↗2015-04-30

▶